Lucene search
K
RedhatRecent

114793 matches found

RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...

8.1CVSS6AI score0.00304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6.6AI score0.00602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•6 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS6.6AI score0.00693EPSS
Exploits0References17
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:8 p.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00399EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 6:6 p.m.•5 views

Moderate: Red Hat Security Advisory: libpng15 security update

An update for libpng15 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.5AI score0.01052EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/06/25 6:6 p.m.•4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
•added 2026/06/25 5:40 p.m.•7 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.4.13 Images Security Update

New images are available for Red Hat build of Keycloak 26.4.13 and Red Hat build of Keycloak 26.4.13 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...

8.8CVSS5.9AI score0.00519EPSS
Exploits1References1
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Keycloak: Information disclosure due to user profile permission bypass

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.7AI score0.00348EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

8.1CVSS5.8AI score0.00312EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: Security flaw in org.keycloak/keycloak-services

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.7AI score0.00281EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: org.keycloak/keycloak-services: Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

4.3CVSS5.8AI score0.00392EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

org.keycloak.keycloak-services: Improper Access Control on Keycloak Server when the account Account API feature is disabled

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

5.4CVSS5.8AI score0.00232EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: Keycloak: Server-Side Request Forgery via OIDC token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.8AI score0.00295EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: Keycloak: Unauthorized access to resources via UMA permission ticket bypass

A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access UMA permission ticket for one resource can exploit this by using a specific permission request prefix to bypass per-resource access control. This allows the user to gain unauthorized access to...

4.6CVSS5.7AI score0.00166EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.8AI score0.00305EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: org.keycloak.protocol.oidc.grants.ciba: Keycloak: Information disclosure via CORS header injection due to unvalidated JWT azp claim

A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing CORS header injection vulnerability in Keycloak's User-Managed Access UMA token endpoint. This flaw occurs because the azp claim from a client-supplied JSON Web Token JWT is used to set the...

5.3CVSS5.8AI score0.00253EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Group-Admin Escalation to Realm-Admin

A flaw was found in Keycloak. A missing authorization check in the GroupResource.addChild endpoint within the Admin REST API allows an authenticated user with limited administrative privileges to reparent any existing group. When Fine-Grained Admin Permissions v2 FGAPv2 is enabled, an attacker wi...

7.7CVSS5.8AI score0.00288EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Keycloak: Cross-site scripting (XSS) via case-insensitive URI validation bypass

A flaw was found in Keycloak. A remote attacker with administrative privileges, specifically those with manage-client permission or access to client registration endpoints, could bypass client Uniform Resource Identifier URI validation. This is achieved by registering a malicious client with a...

7.3CVSS6.5AI score0.00419EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•8 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.4.13 Security Update

New Red Hat build of Keycloak 26.4.13 packages are available from the Customer Portal Red Hat build of Keycloak 26.4.13 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...

8.8CVSS5.9AI score0.00519EPSS
Exploits1References1
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak-policy-enforcer: Keycloak Policy Enforcer: Authorization bypass via incorrect URI comparison

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access UMA permission checks. By including the configured access-denied page path within a request URL, either as a path...

8.1CVSS5.7AI score0.00301EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•6 views

keycloak: Keycloak: Information disclosure through arbitrary filesystem path probing

A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...

4.9CVSS5.9AI score0.00519EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Keycloak: Denial of Service via malformed Authorization header

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS5.8AI score0.00417EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Keycloak: Privilege escalation via improper scope mapping enforcement

A flaw was found in Keycloak's Fine-Grained Admin Permissions FGAPv2 feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...

7.3CVSS5.7AI score0.00292EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: Keycloak: Information disclosure via SAML ECP endpoint

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP Security Assertion Markup Language Enhanced Client or Proxy endpoint with varying client IDs. By observing distinct faultstrings in the...

5.3CVSS5.7AI score0.00331EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak-rhel9: Organization Data Leak After Feature Disabled in Keycloak

A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect OIDC token with the 'organization' scope. This allows organization metadata to be disclosed in...

4.3CVSS5.7AI score0.00214EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name

A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...

6.9CVSS5.8AI score0.00238EPSS
Exploits1References7
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•5 views

keycloak: Keycloak: Denial of Service via malformed LDAP password policy response

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS5.8AI score0.00476EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: Keycloak: Security restriction bypass allows unauthorized ROPC token acquisition

A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers client-type, client-roles, client-attributes, client-scopes are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:36 p.m.•4 views

keycloak: Keycloak: Privilege escalation due to oversized subject_token JWT

A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subjecttoken JSON Web Token JWT to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to fall back to client...

8.8CVSS5.7AI score0.0032EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 5:32 p.m.•4 views

net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...

5.3CVSS5.8AI score0.0037EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/25 5:32 p.m.•6 views

Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update

An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.3CVSS5.8AI score0.0037EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/25 5:24 p.m.•5 views

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS7.2AI score0.00252EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/25 5:24 p.m.•4 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS7.3AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•3 views

firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•4 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•4 views

firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•5 views

firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•6 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.6CVSS5.9AI score0.00476EPSS
Exploits0References30
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•6 views

firefox: thunderbird: Incorrect boundary conditions in the Internationalization component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Internationalization component...

5.4CVSS5.8AI score0.00164EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/25 4:16 p.m.•3 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume...

8.1CVSS5.9AI score0.00407EPSS
Exploits0References6
Total number of security vulnerabilities114793