Lucene search
K
RedhatRecent

115799 matches found

RedHat Linux
RedHat Linux
•added 2026/05/20 1:8 p.m.•14 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS5.8AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•12 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•11 views

firefox: thunderbird: Mitigation bypass in the File Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the File Handling component...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•8 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

7.5CVSS5.9AI score0.00513EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•10 views

firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC: Networking component...

7.8CVSS5.7AI score0.0011EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•12 views

firefox: thunderbird: Other issue in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Libraries component in NSS...

5.3CVSS5.7AI score0.00227EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•7 views

firefox: thunderbird: Information disclosure in the Form Autofill component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Form Autofill component...

5.3CVSS5.7AI score0.00215EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•8 views

firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...

6.5CVSS5.7AI score0.00231EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•9 views

firefox: thunderbird: Use-after-free in the Widget: Cocoa component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Widget: Cocoa component...

7.5CVSS5.7AI score0.00363EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•13 views

firefox: thunderbird: Incorrect boundary conditions in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC component...

7.5CVSS5.7AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•7 views

firefox: thunderbird: Privilege escalation in the Graphics: WebRender component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Graphics: WebRender component...

8.8CVSS5.7AI score0.00483EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•10 views

firefox: thunderbird: Use-after-free in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC component...

7.5CVSS5.7AI score0.004EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•16 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

9.8CVSS6AI score0.04938EPSS
Exploits1References26
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•9 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume th...

7.5CVSS5.9AI score0.00499EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•8 views

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

7.5CVSS5.7AI score0.00269EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•7 views

firefox: thunderbird: Other issue in the Storage: IndexedDB component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Storage: IndexedDB component...

6.5CVSS6AI score0.04938EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•10 views

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

7.5CVSS5.7AI score0.00257EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•8 views

firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...

6.3CVSS5.7AI score0.00157EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•7 views

firefox: thunderbird: Privilege escalation in the Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Networking component...

8.8CVSS5.7AI score0.00221EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•13 views

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

6.3CVSS5.7AI score0.00293EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•9 views

firefox: thunderbird: Use-after-free in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...

7.5CVSS5.7AI score0.00387EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•7 views

firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•8 views

firefox: thunderbird: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component...

7.5CVSS5.7AI score0.00403EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•8 views

firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Audio/Video: Web Codecs component...

9.8CVSS5.7AI score0.00399EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•10 views

firefox: thunderbird: Incorrect boundary conditions in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC component...

7.5CVSS5.7AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•11 views

firefox: thunderbird: Use-after-free in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...

7.5CVSS5.7AI score0.00586EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:5 p.m.•12 views

firefox: thunderbird: Privilege escalation in the Debugger component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Debugger component...

8.8CVSS5.7AI score0.00226EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•11 views

kernel: RDMA/umem: Fix double dma_buf_unpin in failure path

A flaw was found in the Linux kernel's RDMA/umem subsystem. A memory management error, specifically a double unpin of a dmabuf, can occur in a failure path during dmabuf pinning operations. This vulnerability could lead to system instability or a crash, resulting in a Denial of Service DoS...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•9 views

kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

9.8CVSS6.3AI score0.00311EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•9 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•8 views

kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the traffic control actct path when it is incorrectly configured with non-ingress egress qdiscs queueing disciplines. This can allow a local user with specific privileges to trigger a kernel crash, leading to a denial ...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•10 views

kernel: scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

5.9AI score0.00171EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•16 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

6.1AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•2 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•12 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS5.8AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•11 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS6.1AI score0.03663EPSS
Exploits11References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•10 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS6.2AI score0.93235EPSS
Exploits31References6
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•10 views

kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold

A flaw was found in the Linux kernel's Bluetooth SCO Synchronous Connection-Oriented protocol implementation. The scorecvframe function fails to properly hold a reference to a socket after releasing a lock. This oversight allows a concurrent operation to free the socket while it is still being...

8.8CVSS5.8AI score0.003EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•15 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•13 views

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS6.6AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•8 views

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

7.8CVSS6.3AI score0.00226EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 1:3 p.m.•23 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS7AI score0.93235EPSS
Exploits52References15
RedHat Linux
RedHat Linux
•added 2026/05/20 1:1 p.m.•20 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.54 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.54 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

10CVSS6.9AI score0.01945EPSS
Exploits5References13
RedHat Linux
RedHat Linux
•added 2026/05/20 12:47 p.m.•13 views

jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication

A flaw was found in pgjdbc, an open-source PostgreSQL JDBC Driver. A malicious server can exploit this vulnerability by instructing the driver to perform SCRAM-SHA-256 Salted Challenge Response Authentication Mechanism Secure Hash Algorithm 256 authentication with an excessively large iteration...

7.5CVSS5.7AI score0.0077EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/20 12:47 p.m.•13 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.3.SP2 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

7.5CVSS5.8AI score0.0077EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/20 12:28 p.m.•16 views

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.18.42 security update

Red Hat build of MicroShift release 4.18.42 is now available with updates to packages and images that include a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References4
RedHat Linux
RedHat Linux
•added 2026/05/20 12:28 p.m.•10 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/20 12:22 p.m.•21 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.54 security and extras update

Red Hat OpenShift Container Platform release 4.17.54 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...

9.1CVSS6.9AI score0.01557EPSS
Exploits3References4
RedHat Linux
RedHat Linux
•added 2026/05/20 12:16 p.m.•13 views

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

7.8CVSS6.1AI score0.00553EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/20 12:16 p.m.•12 views

Important: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.2AI score0.00553EPSS
Exploits0References2
Total number of security vulnerabilities115799