CVEdetails.com the ultimate security vulnerability data source

Redhat : Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2023-0296 327 2023-01-17 2023-01-26
0.0
None ??? ??? ??? ??? ??? ???
The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component.
2 CVE-2022-38065 732 2022-12-21 2022-12-28
0.0
None ??? ??? ??? ??? ??? ???
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead to increased privileges.
3 CVE-2022-35653 79 Exec Code XSS 2022-07-25 2022-07-28
0.0
None ??? ??? ??? ??? ??? ???
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.
4 CVE-2022-35651 79 Exec Code XSS 2022-07-25 2022-07-29
0.0
None ??? ??? ??? ??? ??? ???
A stored XSS and blind SSRF vulnerability was found in Moodle. It occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
5 CVE-2022-34303 Exec Code Bypass 2022-08-26 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
6 CVE-2022-34302 Exec Code Bypass 2022-08-26 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
7 CVE-2022-34301 Exec Code Bypass 2022-08-26 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
8 CVE-2022-25310 DoS 2022-09-06 2022-09-09
0.0
None ??? ??? ??? ??? ??? ???
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.
9 CVE-2022-25309 787 DoS Overflow 2022-09-06 2022-09-09
0.0
None ??? ??? ??? ??? ??? ???
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.
10 CVE-2022-25308 787 DoS Overflow 2022-09-06 2022-09-08
0.0
None ??? ??? ??? ??? ??? ???
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.
11 CVE-2022-23452 863 DoS 2022-09-01 2022-09-07
0.0
None ??? ??? ??? ??? ??? ???
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
12 CVE-2022-23451 863 DoS 2022-09-06 2022-09-13
0.0
None ??? ??? ??? ??? ??? ???
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.
13 CVE-2022-4743 401 DoS 2023-01-12 2023-01-23
0.0
None ??? ??? ??? ??? ??? ???
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.
14 CVE-2022-4283 416 Exec Code 2022-12-14 2022-12-27
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This issue can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
15 CVE-2022-4144 125 DoS 2022-11-29 2023-01-19
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.
16 CVE-2022-4130 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
17 CVE-2022-4116 94 Exec Code 2022-11-22 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
18 CVE-2022-3841 918 2023-01-13 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauthenticated users to make requests.
19 CVE-2022-3821 193 DoS 2022-11-08 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
An off-by-one error issue was discovered in Systemd in the format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that lead to a buffer overrun in format_timespan(), leading to a Denial of Service.
20 CVE-2022-3782 22 Dir. Trav. Bypass 2023-01-13 2023-01-25
0.0
None ??? ??? ??? ??? ??? ???
keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.
21 CVE-2022-3775 787 Exec Code Mem. Corr. 2022-12-19 2022-12-28
0.0
None ??? ??? ??? ??? ??? ???
When rendering certain unicode sequences, grub2's font code doesn't properly validate whether the informed glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
22 CVE-2022-3715 787 Overflow 2023-01-05 2023-01-13
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
23 CVE-2022-3697 2022-10-28 2022-11-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
24 CVE-2022-3675 862 2022-11-03 2023-01-25
0.0
None ??? ??? ??? ??? ??? ???
Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this feature is enabled, GRUB requires a password to access the GRUB command-line, modify kernel command-line arguments, or boot non-default OSTree deployments. Recent Fedora CoreOS releases have a misconfiguration which allows booting non-default OSTree deployments without entering a password. This allows someone with access to the GRUB menu to boot into an older version of Fedora CoreOS, reverting any security fixes that have recently been applied to the machine. A password is still required to modify kernel command-line arguments and to access the GRUB command line.
25 CVE-2022-3650 2023-01-17 2023-01-25
0.0
None ??? ??? ??? ??? ??? ???
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.
26 CVE-2022-3644 522 2022-10-25 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.
27 CVE-2022-3500 248 2022-11-22 2022-12-19
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in keylime. In some circumstances, due to some improperly handled exceptions, a rogue agent could create errors on the verifier that stop attestation attempts for that host, leaving it in an attested state but no longer being verified.
28 CVE-2022-3262 1188 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.
29 CVE-2022-3260 1021 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
The response header has not enabled X-FRAME-OPTIONS, which helps prevent clickjacking attacks. Some browsers would interpret these results incorrectly, allowing clickjacking attacks.
30 CVE-2022-3259 665 2022-12-09 2022-12-13
0.0
None ??? ??? ??? ??? ??? ???
Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.
31 CVE-2022-3205 79 XSS 2022-09-13 2022-09-17
0.0
None ??? ??? ??? ??? ??? ???
An XSS exists in the automation controller UI where the project name is susceptible to XSS injection.
32 CVE-2022-3143 203 2023-01-13 2023-01-25
0.0
None ??? ??? ??? ??? ??? ???
wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
33 CVE-2022-3100 305 Bypass 2023-01-18 2023-01-26
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
34 CVE-2022-2990 863 Exec Code 2022-09-13 2022-09-15
0.0
None ??? ??? ??? ??? ??? ???
An incorrect handling of the supplementary groups in the Buildah container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container.
35 CVE-2022-2989 863 Exec Code 2022-09-13 2022-09-15
0.0
None ??? ??? ??? ??? ??? ???
An incorrect handling of the supplementary groups in the Podman container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container.
36 CVE-2022-2964 119 Overflow 2022-09-09 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
37 CVE-2022-2963 401 2022-10-14 2022-10-18
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.
38 CVE-2022-2938 416 Mem. Corr. 2022-08-23 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
39 CVE-2022-2905 125 2022-09-09 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
40 CVE-2022-2873 131 2022-08-22 2023-01-26
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds memory access flaw was found in the Linux kernel's Intel iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
41 CVE-2022-2850 476 DoS 2022-10-14 2022-10-17
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.
42 CVE-2022-2805 312 2022-10-19 2022-11-07
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.
43 CVE-2022-2764 DoS 2022-09-01 2022-11-07
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
44 CVE-2022-2739 2022-09-01 2022-10-01
0.0
None ??? ??? ??? ??? ??? ???
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
45 CVE-2022-2738 416 Exec Code 2022-09-01 2022-10-07
0.0
None ??? ??? ??? ??? ??? ???
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification.
46 CVE-2022-2668 2022-08-05 2022-08-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled.
47 CVE-2022-2639 787 2022-09-01 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
48 CVE-2022-2625 1321 2022-08-18 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
49 CVE-2022-2601 787 Overflow 2022-12-14 2022-12-16
0.0
None ??? ??? ??? ??? ??? ???
A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph. This further leads to a buffer overflow and a heap-based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
50 CVE-2022-2568 269 2022-08-18 2022-08-22
0.0
None ??? ??? ??? ??? ??? ???
A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges.
Total number of vulnerabilities: 157 (page 1 of 4)