Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

10 matches found

CVE•added 2022/05/16 9:15 p.m.•284 views

CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

9.1CVSS8.9AI score0.0016EPSS

CVE•added 2022/05/16 9:15 p.m.•264 views

CVE-2022-1586

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in ca...

9.1CVSS9.1AI score0.00352EPSS

CVE•added 2022/05/11 4:15 p.m.•253 views

CVE-2021-3611

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects...

6.5CVSS6.1AI score0.00016EPSS

CVE•added 2022/05/02 7:15 p.m.•166 views

CVE-2021-3750

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) whi...

8.2CVSS8.1AI score0.00025EPSS

CVE•added 2022/05/18 6:15 p.m.•145 views

CVE-2022-30599

A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.

9.8CVSS9.6AI score0.00897EPSS

CVE•added 2022/05/18 5:15 p.m.•125 views

CVE-2022-30596

A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.

5.4CVSS6.7AI score0.00917EPSS

CVE•added 2022/05/17 6:15 p.m.•119 views

CVE-2022-1706

A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidential...

6.5CVSS6AI score0.00281EPSS

CVE•added 2022/05/18 6:15 p.m.•115 views

CVE-2022-30600

A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.

9.8CVSS9.1AI score0.0195EPSS

CVE•added 2022/05/18 6:15 p.m.•97 views

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.

4.3CVSS6.1AI score0.00541EPSS

CVE•added 2022/05/18 6:15 p.m.•87 views

CVE-2022-30597

A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.

5.3CVSS6.8AI score0.00567EPSS