Lucene search
K
RedhatRecent

114792 matches found

RedHat Linux
RedHat Linux
•added 2 days ago•7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.6AI score0.00464EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•10 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

8.8CVSS5.9AI score0.00324EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•3 views

mariadb: Arbitrary code execution via global system variable manipulation by a high-privileged user

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrepsstreceiveaddress or wsrepsstdonor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

9.1CVSS6.2AI score0.00666EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•3 views

mariadb: MariaDB: Privilege bypass allows unauthorized file write via subqueries

A flaw was found in MariaDB server. This vulnerability allows a low-privileged authenticated user to bypass a security control that normally restricts file operations. Specifically, the system failed to verify the necessary 'FILE' privilege when certain 'SELECT' statements, which write data to...

8.1CVSS5.8AI score0.00276EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•9 views

mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd

A flaw was found in MariaDB server. When the wsrepnotifycmd feature is enabled, a remote attacker could exploit this vulnerability by embedding shell commands in the name of a joiner node. This could lead to arbitrary code execution on the server, allowing the attacker to take full control of the...

10CVSS6.5AI score0.00998EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•3 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00694EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•3 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•2 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•8 views

Important: Red Hat Security Advisory: galera and mariadb11.8 security, bug fix, and enhancement update

An update for multiple packages is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS6.3AI score0.00998EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2 days ago•3 views

mariadb: Arbitrary shell command execution via improper sanitization in CONNECT engine

A flaw was found in MariaDB server. When the CONNECT engine is installed and REST support is enabled on Windows, a user can exploit improper sanitization of the table HTTP attribute. This attribute is interpolated into the curl command line, allowing for arbitrary shell command execution on the...

9.9CVSS6.1AI score0.00554EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•2 views

mariadb: MariaDB server: Information disclosure of stored routine definitions due to insufficient privilege check

A flaw was found in MariaDB server. A user who has been granted EXECUTE access to a stored routine through a role can view the definition of that routine. This information disclosure occurs even if the user does not possess the SHOW CREATE ROUTINE privilege, potentially exposing sensitive routine...

4.3CVSS5.7AI score0.00161EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•3 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00469EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits0References12
RedHat Linux
RedHat Linux
•added 2 days ago•8 views

Important: Red Hat Security Advisory: evince security update

An update for evince is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.4CVSS5.8AI score0.00529EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libtiff: libtiff-4.7.1-2.3.hum1 aarch64, x8664 libtiff-devel-4.7.1-2.3.hum1 aarch64, x8664 libtiff-static-4.7.1-2.3.hum1 aarch64, x8664 libtiff-tools-4.7.1-2.3.hum1 aarch64, x8664...

7.8CVSS6.8AI score0.00553EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.5AI score0.0028EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•8 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6AI score0.0028EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

kernel: net: atm: fix crash due to unvalidated vcc pointer in sigd_send()

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM networking component. A local attacker, by acting as a malicious signaling daemon, could send a specially crafted message containing an unvalidated pointer. This unvalidated pointer would be directly used by the kernel, leading...

5.5CVSS5.9AI score0.00125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

angular: Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A flaw exists in the template compiler of Angular as it fails to properly classify certain URL-bearing attributes including SVG and MathML attributes such as href, xlink:href, or the attributeName of SVG animation elements as requiring strict sanitization. As a result, an attacker who can supply...

8.5CVSS7.1AI score0.00377EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...

9.6CVSS7.4AI score0.01179EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00817EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.5CVSS5.7AI score0.0217EPSS
Exploits1References8
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files

A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service...

7.5CVSS6.5AI score0.01941EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

qs: qs: Denial of Service via improper input validation in array parsing

A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation e.g., a=value. This bypasses the arrayLimit option, which is designed to limit the size of...

6.3CVSS6.7AI score0.0041EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression

A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption JWE token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This...

7.5CVSS6.8AI score0.00244EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.5AI score0.01535EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink...

8.2CVSS6.3AI score0.00541EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

ajv: ReDoS via $data reference

A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS Regular Expression Denial of...

7.5CVSS6.4AI score0.00492EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS6.5AI score0.00343EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2 days ago•7 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.18 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...

9.6CVSS7AI score0.0217EPSS
Exploits8References10
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files

A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service...

7.5CVSS6.5AI score0.01941EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...

9.6CVSS7.4AI score0.01179EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2 days ago•4 views

undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.5CVSS5.7AI score0.0217EPSS
Exploits1References8
RedHat Linux
RedHat Linux
•added 2 days ago•6 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.15 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.6CVSS7AI score0.0217EPSS
Exploits1References10
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...

9.8CVSS5.9AI score0.00451EPSS
Exploits1References7
RedHat Linux
RedHat Linux
•added 2 days ago•5 views

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

An update for glibc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS5.8AI score0.00451EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 3 days ago•4 views

Important: Red Hat Security Advisory: cifs-utils security update

An update for cifs-utils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.8CVSS5.6AI score0.0012EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 3 days ago•4 views

cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6AI score0.0012EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 3 days ago•3 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00694EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 3 days ago•2 views

mariadb: MariaDB server: Information disclosure of stored routine definitions due to insufficient privilege check

A flaw was found in MariaDB server. A user who has been granted EXECUTE access to a stored routine through a role can view the definition of that routine. This information disclosure occurs even if the user does not possess the SHOW CREATE ROUTINE privilege, potentially exposing sensitive routine...

4.3CVSS5.7AI score0.00161EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 3 days ago•2 views

mariadb: Arbitrary code execution via global system variable manipulation by a high-privileged user

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrepsstreceiveaddress or wsrepsstdonor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

9.1CVSS6.2AI score0.00666EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 3 days ago•3 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 3 days ago•6 views

mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd

A flaw was found in MariaDB server. When the wsrepnotifycmd feature is enabled, a remote attacker could exploit this vulnerability by embedding shell commands in the name of a joiner node. This could lead to arbitrary code execution on the server, allowing the attacker to take full control of the...

10CVSS6.5AI score0.00998EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 3 days ago•3 views

mariadb: Arbitrary shell command execution via improper sanitization in CONNECT engine

A flaw was found in MariaDB server. When the CONNECT engine is installed and REST support is enabled on Windows, a user can exploit improper sanitization of the table HTTP attribute. This attribute is interpolated into the curl command line, allowing for arbitrary shell command execution on the...

9.9CVSS6.1AI score0.00554EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 3 days ago•3 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00469EPSS
Exploits0References6
Total number of security vulnerabilities114792