Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

10 matches found

CVE•added 2022/05/16 9:15 p.m.•278 views

CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

9.1CVSS8.9AI score0.00146EPSS

CVE•added 2022/05/16 9:15 p.m.•258 views

CVE-2022-1586

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in ca...

9.1CVSS9.1AI score0.00331EPSS

CVE•added 2022/05/11 4:15 p.m.•243 views

CVE-2021-3611

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects...

6.5CVSS6.1AI score0.00015EPSS

CVE•added 2022/05/02 7:15 p.m.•153 views

CVE-2021-3750

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) whi...

8.2CVSS8.1AI score0.00023EPSS

CVE•added 2022/05/18 6:15 p.m.•143 views

CVE-2022-30599

A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.

9.8CVSS9.6AI score0.00897EPSS

CVE•added 2022/05/18 5:15 p.m.•123 views

CVE-2022-30596

A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.

5.4CVSS6.7AI score0.00917EPSS

CVE•added 2022/05/18 6:15 p.m.•113 views

CVE-2022-30600

A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.

9.8CVSS9.1AI score0.0195EPSS

CVE•added 2022/05/17 6:15 p.m.•104 views

CVE-2022-1706

A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidential...

6.5CVSS6AI score0.00264EPSS

CVE•added 2022/05/18 6:15 p.m.•96 views

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.

4.3CVSS6.1AI score0.00541EPSS

CVE•added 2022/05/18 6:15 p.m.•86 views

CVE-2022-30597

A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.

5.3CVSS6.8AI score0.00567EPSS