redhat
5,618 tracked vulnerabilities.
CVE-2022-4137
HIGH
Keycloak < 20.0.5 - Reflected Cross-Site Scripting via OAuth OOB Endpoint
Sep 25, 2023
CVSS 8.1
EPSS 0.01
CVE-2022-3962
MEDIUM
Kiali < 1.57.4 - Content Spoofing via Error Page Text Injection
Sep 23, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-4039
HIGH
Red Hat Single Sign-On - Unauthenticated Incorrect Default Permissions in Management Interface
Sep 22, 2023
CVSS 8.0
EPSS 0.00
CVE-2022-3874
HIGH
Red Hat Satellite - Authenticated OS Command Injection via CoreOS Template Configuration
Sep 22, 2023
CVSS 8.0
EPSS 0.00
CVE-2022-3596
HIGH
Red Hat OpenStack Platform - Unauthenticated Information Leak via Undercloud IP Discovery
Sep 20, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-3916
MEDIUM
Keycloak < 20.0.2 - Insufficient Session Expiration via Offline Access Scope
Sep 20, 2023
CVSS 6.8
EPSS 0.00
CVE-2022-1438
MEDIUM
Keycloak - Cross-Site Scripting via User Impersonation
Sep 20, 2023
CVSS 6.4
EPSS 0.00
CVE-2022-3261
MEDIUM
Red Hat OpenStack Platform - Cleartext Transmission of Sensitive Information in /var/log/messages
Sep 15, 2023
CVSS 4.4
EPSS 0.00
CVE-2022-3466
MEDIUM
cri-o - Incorrect Default Permissions
Sep 15, 2023
CVSS 4.8
EPSS 0.00
CVE-2022-1415
HIGH
Red Hat Decision Manager < 7.69.0.Final - Insecure Deserialization
Sep 11, 2023
CVSS 8.1
EPSS 0.01
CVE-2022-40982
MEDIUM
Intel(R) Processors - Info Disclosure
Aug 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-2127
MEDIUM
Samba 4.16.0-4.16.9 - Out-of-bounds Read in Winbind NTLM Authentication
Jul 20, 2023
CVSS 5.9
EPSS 0.01
CVE-2022-28737
MEDIUM
shim < 15.6 - Out-of-bounds Write via Crafted EFI Executable
Jul 20, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-4361
CRITICAL
Keycloak < 21.1.2 - Cross-Site Scripting via AssertionConsumerServiceURL or redirect_uri
Jul 07, 2023
CVSS 10.0
EPSS 0.01
CVE-2022-3787
HIGH
device-mapper-multipath - Local Privilege Escalation via Keyword Repetition in Access Control
Mar 29, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-1274
MEDIUM
Keycloak < 20.0.5 - Cross-Site Scripting via Execute-Actions-Email Endpoint
Mar 29, 2023
CVSS 5.4
EPSS 0.01
CVE-2022-2237
MEDIUM
Keycloak Node.js Adapter - Open Redirect via checkSso Function
Mar 27, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-3146
MEDIUM
tripleo-ansible - Unauthenticated Sensitive Information Exposure via Insecure File Permissions
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-3101
MEDIUM
tripleo-ansible - Information Disclosure via Insecure File Permissions
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-4904
HIGH
c-ares < 1.19.0 - Denial of Service via ares_set_sortlist Input Validation
Mar 06, 2023
CVSS 8.6
EPSS 0.00
CVE-2022-4134
LOW
openstack-glance - Privilege Escalation
Mar 06, 2023
CVSS 2.8
EPSS 0.00
CVE-2022-3854
MEDIUM
Ceph Storage - Denial of Service via Null URL Processing
Mar 06, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-3707
MEDIUM
Linux Kernel < 6.1 - Double Free in Intel GVT-g Graphics Driver
Mar 06, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-3424
HIGH
Linux Kernel 2.6.33-4.9.337 - Use-After-Free in SGI GRU Driver
Mar 06, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-3277
MEDIUM
openstack-neutron < 18.6.0 and >=19.0.0.0rc1 <19.5.0 - Authenticated Denial of Service via Security Group Query
Mar 06, 2023
CVSS 6.5
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux_workstation 1,845
enterprise_linux 1,780
enterprise_linux_server_aus 1,059
enterprise_linux_eus 780
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 291
jboss_enterprise_application_platform 243
linux 229
satellite 222
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 112
single_sign-on 108
enterprise_linux_for_power_little_endian 106
keycloak 98
enterprise_linux_for_power_little_endian_eus 93
enterprise_linux_for_ibm_z_systems_eus 87
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77