Lucene search
K
RedhatRecent

115831 matches found

RedHat Linux
RedHat Linux
•added 2026/05/19 1:24 p.m.•15 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.6AI score0.00867EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:24 p.m.•16 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS7.9AI score0.00773EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:24 p.m.•16 views

GStreamer: GStreamer: Remote Code Execution via out-of-bounds write in RealMedia Demuxer

A flaw was found in GStreamer. This vulnerability allows a remote attacker to execute arbitrary code by exploiting an out-of-bounds write in the RealMedia Demuxer component. The issue occurs due to improper validation of user-supplied data during the processing of video packets, leading to a writ...

7.8CVSS7.8AI score0.00431EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:24 p.m.•9 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.1AI score0.00828EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:24 p.m.•10 views

GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay

A flaw was found in GStreamer. This out-of-bounds write vulnerability exists within the rtpqdm2depay element, specifically during the processing of X-QDM Real-time Transport Protocol RTP payload elements. A remote attacker can exploit this by providing malformed user-supplied data to the packetid...

8.8CVSS7.8AI score0.00806EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•19 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•18 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•27 views

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•15 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•14 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

7.5CVSS5.9AI score0.00513EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•14 views

firefox: thunderbird: Incorrect boundary conditions in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC component...

7.5CVSS5.7AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Mitigation bypass in the File Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the File Handling component...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•12 views

firefox: thunderbird: Privilege escalation in the Debugger component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Debugger component...

8.8CVSS5.7AI score0.00226EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Privilege escalation in the Graphics: WebRender component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Graphics: WebRender component...

8.8CVSS5.7AI score0.00483EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•8 views

firefox: thunderbird: Use-after-free in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC component...

7.5CVSS5.7AI score0.004EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•7 views

firefox: thunderbird: Other issue in the Storage: IndexedDB component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Storage: IndexedDB component...

6.5CVSS6AI score0.04938EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•8 views

firefox: thunderbird: Other issue in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Libraries component in NSS...

5.3CVSS5.7AI score0.00227EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•12 views

firefox: thunderbird: Information disclosure in the Form Autofill component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Form Autofill component...

5.3CVSS5.7AI score0.00215EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•7 views

firefox: thunderbird: Privilege escalation in the Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Networking component...

8.8CVSS5.7AI score0.00221EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

6.3CVSS5.7AI score0.00293EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•11 views

firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Audio/Video: Web Codecs component...

9.8CVSS5.7AI score0.00399EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•10 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume th...

7.5CVSS5.9AI score0.00499EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC: Networking component...

7.8CVSS5.7AI score0.0011EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•10 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•8 views

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

7.5CVSS5.7AI score0.00257EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•10 views

firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...

6.5CVSS5.7AI score0.00231EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•8 views

firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...

6.3CVSS5.7AI score0.00157EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•8 views

firefox: thunderbird: Use-after-free in the Widget: Cocoa component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Widget: Cocoa component...

7.5CVSS5.7AI score0.00363EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•10 views

firefox: thunderbird: Incorrect boundary conditions in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC component...

7.5CVSS5.7AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•10 views

firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component...

7.5CVSS5.7AI score0.00403EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•32 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6AI score0.04938EPSS
Exploits1References26
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Use-after-free in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...

7.5CVSS5.7AI score0.00387EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•8 views

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

7.5CVSS5.7AI score0.00269EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•9 views

firefox: thunderbird: Use-after-free in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...

7.5CVSS5.7AI score0.00586EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•41 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/05/19 1:23 p.m.•18 views

Important: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/19 1:18 p.m.•12 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS6.1AI score0.01735EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/19 1:18 p.m.•16 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS6.7AI score0.01735EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/19 1:17 p.m.•18 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/05/19 1:17 p.m.•23 views

Important: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•11 views

libssh: Memory Exhaustion via Repeated Key Exchange in libssh

A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...

3.1CVSS6.4AI score0.00375EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•14 views

libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()

A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...

8.2CVSS6.3AI score0.00582EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•14 views

libssh: Improper sanitation of paths received from SCP servers

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

6.3CVSS6.5AI score0.00408EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•13 views

libssh: libssh: Denial of Service due to malformed SFTP message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6.3AI score0.00442EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•14 views

libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...

4.7CVSS6.5AI score0.00217EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•15 views

libssh: Double Free Vulnerability in libssh Key Export Functions

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

6.5CVSS6.9AI score0.00494EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•9 views

libssh: Write beyond bounds in binary to base64 conversion functions

There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash function. In such cases the bintobase64 function can experience an integer overflow leading to a memory under allocation, when that happens it's possibl...

4.5CVSS7.1AI score0.00178EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•9 views

libssh: libssh: Denial of Service via inefficient regular expression processing

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

5.5CVSS6.4AI score0.00223EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/19 1:16 p.m.•11 views

libssh: libssh: Denial of Service via improper configuration file handling

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service DoS by causing the system t...

3.3CVSS6.5AI score0.00158EPSS
Exploits0References4
Total number of security vulnerabilities115831