Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-13	CVE-2022-1280	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. local high complexity linux redhat CWE-416	6.3
2022-04-11	CVE-2022-0552	Unspecified vulnerability in Redhat Origin-Aggregated-Logging 3.11 A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. network high complexity redhat	5.9
2022-04-04	CVE-2022-27651	Incorrect Default Permissions vulnerability in multiple products A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. network high complexity buildah-project fedoraproject redhat CWE-276	6.8
2022-03-25	CVE-2021-20323	Cross-site Scripting vulnerability in Redhat Keycloak A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. network low complexity redhat CWE-79	6.1
2022-03-25	CVE-2021-3941	In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. local low complexity openexr redhat fedoraproject debian	6.5
2022-03-25	CVE-2021-4147	Improper Locking vulnerability in multiple products A flaw was found in the libvirt libxl driver. local low complexity redhat fedoraproject netapp CWE-667	6.5
2022-03-25	CVE-2022-0897	A flaw was found in the libvirt nwfilter driver. network low complexity redhat netapp	4.3
2022-03-23	CVE-2021-4180	Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. network low complexity redhat openstack CWE-668	4.3
2022-03-23	CVE-2022-0996	Improper Authentication vulnerability in multiple products A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. network low complexity redhat fedoraproject CWE-287	6.5
2022-03-16	CVE-2021-20180	Information Exposure Through Log Files vulnerability in Redhat Ansible A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. local low complexity redhat CWE-532	5.5