Lucene search
K
RedhatRecent

115913 matches found

RedHat Linux
RedHat Linux
added 2026/04/29 8:26 p.m.5 views

Squid: Squid: Denial of Service via crafted ICP traffic

A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...

8.7CVSS5.6AI score0.08931EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 8:26 p.m.13 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.2CVSS5.4AI score0.08942EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/29 8:21 p.m.23 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: java-25-openjdk: java-25-openjdk-25.0.3.0.9-1.hum1 aarch64, x8664 java-25-openjdk-crypto-adapter-25.0.3.0.9-1.hum1 aarch64, x8664 java-25-openjdk-crypto-adapter-fastdebug-25.0.3.0.9-1.hum1 aarch6...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/29 7:6 p.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 7:6 p.m.6 views

Important: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 5:54 p.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 5:54 p.m.11 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 5:54 p.m.15 views

Important: Red Hat Security Advisory: rhc-worker-playbook security update

An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/29 5:12 p.m.10 views

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.10 security update

The multicluster engine for Kubernetes 2.7 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.7 images The multicluster engine for Kubernetes provides the foundational components that are...

9.8CVSS8.4AI score0.00978EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/04/29 5:11 p.m.15 views

Important: Red Hat Security Advisory: Red Hat Quay 3.12.17

Red Hat Quay 3.12.17 is now available with bug fixes. Quay 3.12.17...

9.8CVSS6.5AI score0.01557EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/04/29 4:49 p.m.7 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: java-25-openjdk-portable: java-25-openjdk-portable-25.0.3.0.9-1.hum1 aarch64, x8664 java-25-openjdk-portable-devel-25.0.3.0.9-1.hum1 aarch64, x8664...

7.5CVSS5.2AI score0.00702EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.6 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.00731EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.4 views

webkitgtk: A malicious website may be able to process restricted web content outside the sandbox

A flaw was found in WebKitGTK. A maliciously crafted web page may be able to process restricted web content outside the sandbox due to improper memory handling...

8.8CVSS5.1AI score0.00636EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.8 views

webkitgtk: A website may be able to track users through Safari web extensions

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management...

5.3CVSS7.5AI score0.00222EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.00572EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.7 views

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...

5.4CVSS5.8AI score0.00354EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.00295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.7 views

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

4.3CVSS5.2AI score0.00266EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.5 views

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...

4.3CVSS5.1AI score0.00276EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.0072EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.00295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.0038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.3 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management...

8.8CVSS7.5AI score0.00229EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.7AI score0.00961EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.7 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper state management...

6.5CVSS5.2AI score0.0061EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.5 views

webkitgtk: A remote attacker may be able to cause a denial-of-service

A flaw was found in WebKitGTK. A remote attacker may be able to cause a denial-of-service due to improper memory handling...

7.5CVSS7.5AI score0.00608EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.6 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.2AI score0.00423EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.7 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

8.8CVSS7.1AI score0.00961EPSS
Exploits2References19
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.7 views

webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack

A flaw was found in WebKitGTK. A maliciously crafted web page can cause a logic issue due to improper checks and result in a cross-site scripting attack...

4.3CVSS4.8AI score0.00276EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6.7AI score0.00559EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:12 p.m.6 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and w...

9.8CVSS6AI score0.00329EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 4:12 p.m.7 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of...

9.8CVSS6AI score0.0034EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 4:12 p.m.6 views

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

8.8CVSS5.3AI score0.0035EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 4:12 p.m.7 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.1AI score0.00585EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 4:12 p.m.10 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

9.8CVSS6.6AI score0.01052EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/29 4:12 p.m.6 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.9AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/29 3:55 p.m.5 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/04/29 3:55 p.m.7 views

Moderate: Red Hat Security Advisory: oci-seccomp-bpf-hook security update

An update for oci-seccomp-bpf-hook is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/04/29 3:46 p.m.9 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/29 3:46 p.m.11 views

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS8.2AI score0.01069EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/04/29 3:44 p.m.8 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and w...

9.8CVSS6AI score0.00329EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 3:44 p.m.6 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of...

9.8CVSS6AI score0.0034EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 3:44 p.m.8 views

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

8.8CVSS5.3AI score0.0035EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 3:44 p.m.7 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.1AI score0.00585EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 3:44 p.m.11 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.6AI score0.01052EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/29 3:44 p.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.9AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/29 3:35 p.m.8 views

Important: Red Hat Security Advisory: VolSync v0.15 security fixes and container updates

VolSync v0.15 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.1CVSS7.5AI score0.01557EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/04/29 3:26 p.m.15 views

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.2.10

Logging for Red Hat OpenShift - 6.2.10 Red Hat OpenShift Logging 6.2.10 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...

8.2CVSS7.9AI score0.00728EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/29 2:31 p.m.11 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/29 2:31 p.m.9 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
Total number of security vulnerabilities115913