Lucene search
K
RedhatRecent

115929 matches found

RedHat Linux
RedHat Linux
added 2026/04/29 6:1 a.m.10 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

9.8CVSS6AI score0.01735EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 5:59 a.m.6 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libxml2: libxml2-16-2.15.3-0.1.hum1 aarch64, x8664 libxml2-2.15.3-0.1.hum1 aarch64, x8664 libxml2-devel-2.15.3-0.1.hum1 aarch64, x8664 libxml2-static-2.15.3-0.1.hum1 aarch64, x8664...

7.8CVSS8.1AI score0.00632EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/04/29 5:59 a.m.11 views

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

8.7CVSS8.2AI score0.00375EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 5:59 a.m.12 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

9.8CVSS8.8AI score0.01735EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/29 5:59 a.m.16 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS5.2AI score0.01735EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 5:57 a.m.16 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS5.2AI score0.01735EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 5:57 a.m.11 views

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

8.7CVSS8.2AI score0.00375EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 5:57 a.m.9 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havin...

9.8CVSS8.8AI score0.01735EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/29 5:49 a.m.8 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS5.2AI score0.01735EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 5:49 a.m.17 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

9.8CVSS6AI score0.01735EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 5:40 a.m.9 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS5.2AI score0.01735EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 5:40 a.m.7 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

9.8CVSS6AI score0.01735EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 5:28 a.m.11 views

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

8.7CVSS8.2AI score0.00375EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 5:28 a.m.14 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

9.8CVSS8.8AI score0.01735EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/29 5:28 a.m.15 views

lodash: lodash: Arbitrary code execution via untrusted input in template imports

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...

9.8CVSS5.2AI score0.01735EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 a.m.10 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 a.m.6 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 a.m.19 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) security update

An update for golang-github-openstack-k8s-operators-os-diff is now available for Red Hat OpenStack Services on OpenShift 18.0.18 Antelope. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

10CVSS7AI score0.00765EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2026/04/29 4:16 a.m.10 views

openstack-nova-compute: Arbitrary Host File Overwrite via Unconstrained qemu-img Format Handling in OpenStack Nova

A flaw in OpenStack Nova’s interaction with the qemu-img utility allows an authenticated user to overwrite arbitrary files on the compute host. This occurs because Nova invokes qemu-img without strictly constraining the disk image format, enabling a malicious user to craft a QCOW2 header on a raw...

8.2CVSS5.5AI score0.00341EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 4:16 a.m.8 views

Important: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (openstack-nova) security update

An update for openstack-nova is now available for Red Hat OpenStack Services on OpenShift 18.0.18 Antelope. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.2AI score0.00341EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 10:47 p.m.8 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS5.3AI score0.00309EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 10:47 p.m.11 views

grafana: Grafana: Information disclosure of data-source passwords via public dashboards

A flaw was found in Grafana. When public dashboards are used with direct data-sources, sensitive credentials, specifically passwords for all direct data-sources, are exposed. This information disclosure occurs even when these data-sources are not actively utilized in the dashboards. A remote...

7.5CVSS5.4AI score0.00309EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/28 10:32 p.m.7 views

grafana: Grafana: Information disclosure of data-source passwords via public dashboards

A flaw was found in Grafana. When public dashboards are used with direct data-sources, sensitive credentials, specifically passwords for all direct data-sources, are exposed. This information disclosure occurs even when these data-sources are not actively utilized in the dashboards. A remote...

7.5CVSS5.4AI score0.00309EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/28 10:32 p.m.10 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS5.3AI score0.00309EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 9:45 p.m.21 views

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.3 security update

The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images The multicluster engine for Kubernetes provides the foundational components that are...

10CVSS6.9AI score0.025EPSS
Exploits8References8
RedHat Linux
RedHat Linux
added 2026/04/28 8:49 p.m.6 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 8:49 p.m.8 views

Important: Red Hat Security Advisory: yggdrasil security update

An update for yggdrasil is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 8:36 p.m.15 views

Important: Red Hat Security Advisory: yggdrasil-worker-package-manager security update

An update for yggdrasil-worker-package-manager is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.8AI score0.00728EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 8:36 p.m.12 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 7:3 p.m.10 views

Important: Red Hat Security Advisory: VolSync v0.14 security fixes and container updates

VolSync v0.14 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.1CVSS7AI score0.01945EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2026/04/28 6:46 p.m.9 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: java-21-openjdk-portable: java-21-openjdk-portable-21.0.11.0.10-2.hum1 aarch64, x8664 java-21-openjdk-portable-devel-21.0.11.0.10-2.hum1 aarch64, x8664...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/28 6:21 p.m.4 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6AI score0.0047EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 6:21 p.m.8 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.2CVSS6.5AI score0.0047EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 6:7 p.m.4 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.2AI score0.0025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 6:7 p.m.5 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS5.7AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 6:7 p.m.7 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.4AI score0.00264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 6:7 p.m.10 views

Important: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.8CVSS5.6AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 3:50 p.m.8 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 3:50 p.m.17 views

Important: Red Hat Security Advisory: yggdrasil security update

An update for yggdrasil is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 3:18 p.m.8 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS8.6AI score0.01545EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/28 3:18 p.m.5 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS8.3AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 3:7 p.m.7 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS8.3AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 3:7 p.m.8 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS8.6AI score0.01545EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 3:1 p.m.6 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8CVSS5.5AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 3:1 p.m.8 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS5.7AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 3:1 p.m.9 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.2AI score0.0025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 3:1 p.m.7 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.4AI score0.00264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/28 1:55 p.m.9 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

9.8CVSS6.5AI score0.00454EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/28 1:55 p.m.6 views

LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading

A flaw was found in LibRaw. A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality. A remote attacker can exploit this by providing a specially crafted malicious file. This can lead to arbitrary code execution, allowing the attacker to take control of the...

9.8CVSS6.1AI score0.00746EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/28 1:55 p.m.8 views

Important: Red Hat Security Advisory: LibRaw security update

An update for LibRaw is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.4AI score0.00746EPSS
Exploits2References3
Total number of security vulnerabilities115929