Filtered by vendor Redhat
Subscriptions
Total
21758 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-37434 | 7 Apple, Debian, Fedoraproject and 4 more | 24 Ipados, Iphone Os, Macos and 21 more | 2025-02-13 | 9.8 Critical |
| zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). | ||||
| CVE-2022-3697 | 1 Redhat | 2 Ansible, Ansible Collection | 2025-02-13 | 7.5 High |
| A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs. | ||||
| CVE-2022-36760 | 2 Apache, Redhat | 3 Http Server, Enterprise Linux, Jboss Core Services | 2025-02-13 | 9.0 Critical |
| Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions. | ||||
| CVE-2022-3650 | 1 Redhat | 2 Ceph, Ceph Storage | 2025-02-13 | 7.8 High |
| A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information. | ||||
| CVE-2022-36351 | 4 Debian, Fedoraproject, Intel and 1 more | 16 Debian Linux, Fedora, Killer and 13 more | 2025-02-13 | 4.3 Medium |
| Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2022-34265 | 2 Djangoproject, Redhat | 4 Django, Rhui, Satellite and 1 more | 2025-02-13 | 9.8 Critical |
| An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. | ||||
| CVE-2022-34169 | 7 Apache, Azul, Debian and 4 more | 23 Xalan-java, Zulu, Debian Linux and 20 more | 2025-02-13 | 7.5 High |
| The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | ||||
| CVE-2022-32886 | 4 Apple, Debian, Fedoraproject and 1 more | 6 Ipados, Iphone Os, Safari and 3 more | 2025-02-13 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-3064 | 2 Redhat, Yaml Project | 7 Enterprise Linux, Openshift, Openshift Devspaces and 4 more | 2025-02-13 | 7.5 High |
| Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. | ||||
| CVE-2022-2880 | 2 Golang, Redhat | 20 Go, Acm, Ceph Storage and 17 more | 2025-02-13 | 7.5 High |
| Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. | ||||
| CVE-2022-2879 | 2 Golang, Redhat | 16 Go, Container Native Virtualization, Devtools and 13 more | 2025-02-13 | 7.5 High |
| Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. | ||||
| CVE-2022-28739 | 4 Apple, Debian, Redhat and 1 more | 5 Macos, Debian Linux, Enterprise Linux and 2 more | 2025-02-13 | 7.5 High |
| There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | ||||
| CVE-2022-28736 | 2 Gnu, Redhat | 4 Grub2, Enterprise Linux, Rhel E4s and 1 more | 2025-02-13 | 6.4 Medium |
| There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2's memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved. | ||||
| CVE-2022-28735 | 2 Gnu, Redhat | 4 Grub2, Enterprise Linux, Rhel E4s and 1 more | 2025-02-13 | 6.7 Medium |
| The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain. | ||||
| CVE-2022-28734 | 3 Gnu, Netapp, Redhat | 5 Grub2, Active Iq Unified Manager, Enterprise Linux and 2 more | 2025-02-13 | 8.1 High |
| Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata. | ||||
| CVE-2022-28733 | 2 Gnu, Redhat | 5 Grub2, Enterprise Linux, Rhel E4s and 2 more | 2025-02-13 | 8.1 High |
| Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer. | ||||
| CVE-2022-2850 | 4 Debian, Fedoraproject, Port389 and 1 more | 6 Debian Linux, Fedora, 389-ds-base and 3 more | 2025-02-13 | 6.5 Medium |
| A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514. | ||||
| CVE-2022-28347 | 3 Debian, Djangoproject, Redhat | 6 Debian Linux, Django, Ansible Automation Platform and 3 more | 2025-02-13 | 9.8 Critical |
| A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name. | ||||
| CVE-2022-28346 | 3 Debian, Djangoproject, Redhat | 7 Debian Linux, Django, Ansible Automation Platform and 4 more | 2025-02-13 | 9.8 Critical |
| An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. | ||||
| CVE-2022-27635 | 4 Debian, Fedoraproject, Intel and 1 more | 20 Debian Linux, Fedora, Killer and 17 more | 2025-02-13 | 8.2 High |
| Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | ||||