Filtered by vendor Redhat
Subscribe
Total
5791 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-6021 | 2 Redhat, Xmlsoft | 20 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 17 more | 2026-03-24 | N/A | 7.5 HIGH |
| A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. | |||||
| CVE-2024-1485 | 2 Devfile, Redhat | 3 Registry-support, Openshift, Openshift Developer Tools And Services | 2026-03-24 | N/A | 8.0 HIGH |
| A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed. | |||||
| CVE-2024-0914 | 2 Opencryptoki Project, Redhat | 2 Opencryptoki, Enterprise Linux | 2026-03-24 | N/A | 5.9 MEDIUM |
| A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. | |||||
| CVE-2024-0553 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gnutls, Enterprise Linux | 2026-03-24 | N/A | 7.5 HIGH |
| A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981. | |||||
| CVE-2023-6394 | 2 Quarkus, Redhat | 2 Quarkus, Build Of Quarkus | 2026-03-24 | N/A | 7.4 HIGH |
| A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access information and functionality outside of normal granted API permissions. | |||||
| CVE-2023-6377 | 4 Debian, Redhat, Tigervnc and 1 more | 6 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 3 more | 2026-03-24 | N/A | 7.8 HIGH |
| A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. | |||||
| CVE-2023-5178 | 3 Linux, Netapp, Redhat | 5 Linux Kernel, Active Iq Unified Manager, Solidfire \& Hci Management Node and 2 more | 2026-03-24 | N/A | 8.8 HIGH |
| A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. | |||||
| CVE-2023-50782 | 3 Couchbase, Cryptography.io, Redhat | 5 Couchbase Server, Cryptography, Ansible Automation Platform and 2 more | 2026-03-24 | N/A | 7.5 HIGH |
| A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | |||||
| CVE-2023-50781 | 2 M2crypto Project, Redhat | 3 M2crypto, Enterprise Linux, Update Infrastructure | 2026-03-24 | N/A | 7.5 HIGH |
| A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | |||||
| CVE-2023-4194 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2026-03-24 | N/A | 5.5 MEDIUM |
| A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. | |||||
| CVE-2023-39198 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2026-03-24 | N/A | 7.5 HIGH |
| A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. | |||||
| CVE-2025-6170 | 2 Redhat, Xmlsoft | 4 Enterprise Linux, Jboss Core Services, Openshift Container Platform and 1 more | 2026-03-24 | N/A | 2.5 LOW |
| A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections. | |||||
| CVE-2026-2443 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-23 | N/A | 5.3 MEDIUM |
| A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component. | |||||
| CVE-2025-7424 | 2 Redhat, Xmlsoft | 3 Enterprise Linux, Openshift Container Platform, Libxslt | 2026-03-23 | N/A | 7.5 HIGH |
| A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior. | |||||
| CVE-2026-3099 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-23 | N/A | 5.8 MEDIUM |
| A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user. | |||||
| CVE-2026-3441 | 2 Gnu, Redhat | 3 Binutils, Enterprise Linux, Openshift Container Platform | 2026-03-20 | N/A | 6.1 MEDIUM |
| A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service. | |||||
| CVE-2026-3442 | 2 Gnu, Redhat | 3 Binutils, Enterprise Linux, Openshift Container Platform | 2026-03-20 | N/A | 6.1 MEDIUM |
| A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service. | |||||
| CVE-2024-7143 | 2 Pulpproject, Redhat | 2 Pulp, Ansible Automation Platform | 2026-03-20 | N/A | 8.3 HIGH |
| A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing. | |||||
| CVE-2023-6816 | 4 Debian, Fedoraproject, Redhat and 1 more | 7 Debian Linux, Fedora, Enterprise Linux Desktop and 4 more | 2026-03-19 | N/A | 9.8 CRITICAL |
| A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used. | |||||
| CVE-2026-3632 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-19 | N/A | 3.9 LOW |
| A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure. | |||||