Filtered by vendor Redhat
Subscribe
Total
5447 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6622 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-06-25 | N/A | 5.5 MEDIUM |
| A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. | |||||
| CVE-2024-1635 | 2 Netapp, Redhat | 9 Active Iq Unified Manager, Oncommand Workflow Automation, Fuse and 6 more | 2025-06-25 | N/A | 7.5 HIGH |
| A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak. | |||||
| CVE-2023-5379 | 1 Redhat | 3 Jboss Enterprise Application Platform, Single Sign-on, Undertow | 2025-06-25 | N/A | 7.5 HIGH |
| A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by mod_cluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because mod_proxy_cluster marks the JBoss EAP instance as an error worker when the TCP connection is closed from the backend after sending the AJP request without receiving an AJP response, and stops forwarding. This issue could allow a malicious user could to repeatedly send requests that exceed the max-header-size, causing a Denial of Service (DoS). | |||||
| CVE-2023-4527 | 4 Fedoraproject, Gnu, Netapp and 1 more | 32 Fedora, Glibc, H300s and 29 more | 2025-06-24 | N/A | 6.5 MEDIUM |
| A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. | |||||
| CVE-2023-1932 | 2 Hibernate, Redhat | 5 Hibernate-validator, Codeready Studio, Jboss Enterprise Application Platform and 2 more | 2025-06-24 | N/A | 6.1 MEDIUM |
| A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or Cross-Site-Scripting (XSS) attacks. | |||||
| CVE-2025-3891 | 3 Apache, Debian, Redhat | 3 Http Server, Debian Linux, Enterprise Linux | 2025-06-23 | N/A | 7.5 HIGH |
| A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability. | |||||
| CVE-2024-5154 | 2 Kubernetes, Redhat | 3 Cri-o, Enterprise Linux, Openshift Container Platform | 2025-06-23 | N/A | 8.1 HIGH |
| A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system. | |||||
| CVE-2024-12086 | 8 Almalinux, Archlinux, Gentoo and 5 more | 9 Almalinux, Arch Linux, Linux and 6 more | 2025-06-20 | N/A | 6.1 MEDIUM |
| A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client. | |||||
| CVE-2024-12087 | 8 Almalinux, Archlinux, Gentoo and 5 more | 18 Almalinux, Arch Linux, Linux and 15 more | 2025-06-20 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. | |||||
| CVE-2025-2784 | 2 Gnome, Redhat | 21 Libsoup, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 18 more | 2025-06-20 | N/A | 7.0 HIGH |
| A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. | |||||
| CVE-2025-3155 | 3 Debian, Gnome, Redhat | 21 Debian Linux, Yelp, Codeready Linux Builder and 18 more | 2025-06-20 | N/A | 7.4 HIGH |
| A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | |||||
| CVE-2025-5914 | 2 Libarchive, Redhat | 3 Libarchive, Enterprise Linux, Openshift Container Platform | 2025-06-20 | N/A | 3.9 LOW |
| A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. | |||||
| CVE-2025-5198 | 2 Redhat, Stackrox | 2 Advanced Cluster Security, Stackrox | 2025-06-19 | N/A | 5.0 MEDIUM |
| A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting (XSS) if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object* that is applied to a secured cluster. This object can be used by a user with access to the cluster or through a compromised third-party product. | |||||
| CVE-2023-3758 | 2 Fedoraproject, Redhat | 23 Fedora, Sssd, Codeready Linux Builder and 20 more | 2025-06-18 | N/A | 7.1 HIGH |
| A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. | |||||
| CVE-2024-1102 | 2 Jberet, Redhat | 2 Jberet, Jboss Enterprise Application Platform | 2025-06-18 | N/A | 6.5 MEDIUM |
| A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection. | |||||
| CVE-2024-3508 | 1 Redhat | 1 Trusted Profile Analyzer | 2025-06-18 | N/A | 4.3 MEDIUM |
| A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform this verification, the uploaded file must first be decompressed. | |||||
| CVE-2024-10295 | 1 Redhat | 1 3scale Api Management | 2025-06-18 | N/A | 7.5 HIGH |
| A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream. | |||||
| CVE-2024-12088 | 8 Almalinux, Archlinux, Gentoo and 5 more | 20 Almalinux, Arch Linux, Linux and 17 more | 2025-06-18 | N/A | 6.5 MEDIUM |
| A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | |||||
| CVE-2024-12084 | 8 Almalinux, Archlinux, Gentoo and 5 more | 8 Almalinux, Arch Linux, Linux and 5 more | 2025-06-18 | N/A | 9.8 CRITICAL |
| A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. | |||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 313 Http Server, Opensearch Data Prepper, Apisix and 310 more | 2025-06-11 | N/A | 7.5 HIGH |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||||