Filtered by vendor Redhat
Subscriptions
Total
21354 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27386 | 3 Debian, Mariadb, Redhat | 4 Debian Linux, Mariadb, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | ||||
| CVE-2022-27337 | 4 Debian, Fedoraproject, Freedesktop and 1 more | 4 Debian Linux, Fedora, Poppler and 1 more | 2024-08-03 | 6.5 Medium |
| A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||||
| CVE-2022-27383 | 3 Debian, Mariadb, Redhat | 4 Debian Linux, Mariadb, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. | ||||
| CVE-2022-27382 | 2 Mariadb, Redhat | 3 Mariadb, Enterprise Linux, Rhel Software Collections | 2024-08-03 | 7.5 High |
| MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. | ||||
| CVE-2022-27387 | 3 Debian, Mariadb, Redhat | 4 Debian Linux, Mariadb, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | ||||
| CVE-2022-27191 | 3 Fedoraproject, Golang, Redhat | 12 Extra Packages For Enterprise Linux, Fedora, Ssh and 9 more | 2024-08-03 | 7.5 High |
| The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. | ||||
| CVE-2022-26945 | 2 Hashicorp, Redhat | 3 Go-getter, Openshift, Openstack | 2024-08-03 | 9.8 Critical |
| go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0. | ||||
| CVE-2022-26520 | 3 Debian, Postgresql, Redhat | 5 Debian Linux, Postgresql Jdbc Driver, Jboss Enterprise Bpms Platform and 2 more | 2024-08-03 | 9.8 Critical |
| In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties | ||||
| CVE-2022-26691 | 5 Apple, Debian, Fedoraproject and 2 more | 9 Cups, Mac Os X, Macos and 6 more | 2024-08-03 | 6.7 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. | ||||
| CVE-2022-26709 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-03 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-26716 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-03 | 8.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-26710 | 2 Apple, Redhat | 6 Ipados, Iphone Os, Macos and 3 more | 2024-08-03 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-26717 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Itunes and 5 more | 2024-08-03 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-26700 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-03 | 8.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution. | ||||
| CVE-2022-26719 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-03 | 8.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-26485 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Firefox Focus and 4 more | 2024-08-03 | 8.8 High |
| Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. | ||||
| CVE-2022-26353 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Advanced Virtualization and 1 more | 2024-08-03 | 7.5 High |
| A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0. | ||||
| CVE-2022-26486 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Firefox Focus and 4 more | 2024-08-03 | 9.6 Critical |
| An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. | ||||
| CVE-2022-26381 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2024-08-03 | 8.8 High |
| An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. | ||||
| CVE-2022-26373 | 3 Debian, Intel, Redhat | 987 Debian Linux, Celeron 5305u, Celeron 5305u Firmware and 984 more | 2024-08-03 | 5.5 Medium |
| Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||||