Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-02 | CVE-2022-1652 | Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. | Debian_linux, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux | 7.8 | ||
| 2022-05-16 | CVE-2022-1587 | An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. | Fedora, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire, Pcre2, Enterprise_linux | 9.1 | ||
| 2022-05-17 | CVE-2022-1706 | A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config. | Fedora, Enterprise_linux, Ignition, Openshift_container_platform | 6.5 | ||
| 2022-05-18 | CVE-2022-30596 | A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. | Fedora, Moodle, Enterprise_linux | 5.4 | ||
| 2022-05-18 | CVE-2022-30597 | A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. | Fedora, Moodle, Enterprise_linux | 5.3 | ||
| 2022-05-18 | CVE-2022-30598 | A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it. | Fedora, Moodle, Enterprise_linux | 4.3 | ||
| 2022-05-18 | CVE-2022-30599 | A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. | Fedora, Moodle, Enterprise_linux | 9.8 | ||
| 2022-05-18 | CVE-2022-30600 | A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. | Fedora, Moodle, Enterprise_linux | 9.8 | ||
| 2022-06-02 | CVE-2022-1462 | An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. | Debian_linux, Linux_kernel, Enterprise_linux | 6.3 | ||
| 2022-06-02 | CVE-2022-1789 | With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference. | Debian_linux, Fedora, Linux_kernel, Enterprise_linux | 6.8 |