Lucene search
K
RedhatRecent

116049 matches found

RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.2AI score0.00423EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.00295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack

A flaw was found in WebKitGTK. A maliciously crafted web page can cause a logic issue due to improper checks and result in a cross-site scripting attack...

4.3CVSS4.8AI score0.00276EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS7.1AI score0.00961EPSS
Exploits2References19
RedHat Linux
RedHat Linux
•added 2026/04/28 7:39 a.m.•7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:39 a.m.•5 views

FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately ...

7.5CVSS5.6AI score0.00426EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:39 a.m.•5 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.00426EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/28 7:20 a.m.•7 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS5.8AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:20 a.m.•16 views

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS5.7AI score0.01069EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/04/28 7:19 a.m.•19 views

Important: Red Hat Security Advisory: Red Hat OpenShift Builds 1.7.2

Red Hat OpenShift Builds 1.7.2 Releases of Red Hat OpenShift Builds 1.7.2...

10CVSS7.6AI score0.01557EPSS
Exploits2References8
RedHat Linux
RedHat Linux
•added 2026/04/28 7:16 a.m.•5 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS5.8AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:16 a.m.•7 views

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS5.7AI score0.01069EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/04/28 7:16 a.m.•18 views

Important: Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.5

Red Hat OpenShift Builds 1.6.5 Releases of Red Hat OpenShift Builds 1.6.5...

9.6CVSS5AI score0.01557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:9 a.m.•11 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:9 a.m.•11 views

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS8.2AI score0.01069EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/04/28 7:2 a.m.•6 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:2 a.m.•10 views

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.5CVSS8.2AI score0.01069EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•6 views

freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface

A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface...

9.1CVSS5.5AI score0.00489EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•6 views

freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation

A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-format, leading to a use after free in audioformatcompatible. A malicious server can trigger a client‑side heap use after free causing a crash...

8.7CVSS5.2AI score0.00467EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•5 views

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

8.7CVSS5.2AI score0.00467EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•4 views

freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface

A heap buffer use after free has been discovered in FreeRDP. urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface...

8.7CVSS5.5AI score0.00467EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•6 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

9.8CVSS6.5AI score0.00656EPSS
Exploits5References12
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•4 views

freerdp: FreeRDP has a Heap-use-after-free in play_thread

A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsndtreatwave...

8.7CVSS5.2AI score0.00534EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•9 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS5.5AI score0.00481EPSS
Exploits1References10
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•12 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS PDUs...

9.8CVSS5.7AI score0.00365EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•12 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS5.6AI score0.00453EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•7 views

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

7.5CVSS5.3AI score0.00467EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•7 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.3AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:49 a.m.•10 views

freerdp: FreeRDP heap-use-after-free

A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it...

8.1CVSS5.2AI score0.00286EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/04/28 6:40 a.m.•7 views

Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.11: python3.11-3.11.15-4.2.hum1 aarch64, x8664 python3.11-debug-3.11.15-4.2.hum1 aarch64, x8664 python3.11-devel-3.11.15-4.2.hum1 aarch64, x8664 python3.11-idle-3.11.15-4.2.hum1 aarch64,...

3.3CVSS5.2AI score0.00238EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 4:43 a.m.•7 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.5AI score0.0049EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/28 4:43 a.m.•4 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 4:43 a.m.•8 views

kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 4:5 a.m.•11 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: avahi: avahi-0.9rc4-0.1.hum1 aarch64, x8664 avahi-autoipd-0.9rc4-0.1.hum1 aarch64, x8664 avahi-compat-howl-0.9rc4-0.1.hum1 aarch64, x8664 avahi-compat-howl-devel-0.9rc4-0.1.hum1 aarch64, x8664...

6.5CVSS5.1AI score0.00353EPSS
Exploits2References7
RedHat Linux
RedHat Linux
•added 2026/04/27 11:24 p.m.•23 views

Important: Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

9.8CVSS6.7AI score0.01557EPSS
Exploits2References10
RedHat Linux
RedHat Linux
•added 2026/04/27 9:31 p.m.•8 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS5AI score0.00308EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/04/27 9:31 p.m.•13 views

Important: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.1CVSS6AI score0.00579EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/27 9:31 p.m.•9 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
•added 2026/04/27 8:58 p.m.•14 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS5AI score0.00308EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/04/27 8:58 p.m.•14 views

Important: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.1CVSS6AI score0.00579EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/27 8:58 p.m.•9 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
•added 2026/04/27 8:25 p.m.•16 views

Important: Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

9.8CVSS5.2AI score0.01557EPSS
Exploits2References9
RedHat Linux
RedHat Linux
•added 2026/04/27 7:15 p.m.•14 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libxslt: libxslt-1.1.45-0.1.hum1 aarch64, x8664 libxslt-devel-1.1.45-0.1.hum1 aarch64, x8664 python3-libxslt-1.1.45-0.1.hum1 aarch64, x8664 libxslt-1.1.45-0.1.hum1.src src...

7.5CVSS5.2AI score0.012EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/27 6:40 p.m.•10 views

Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: expat: expat-2.8.0-0.1.hum1 aarch64, x8664 expat-devel-2.8.0-0.1.hum1 aarch64, x8664 expat-static-2.8.0-0.1.hum1 aarch64, x8664 expat-2.8.0-0.1.hum1.src src...

7.5CVSS5.2AI score0.00379EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/27 6:20 p.m.•7 views

kernel: scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

5.6AI score0.00171EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/27 6:20 p.m.•10 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS5.7AI score0.00344EPSS
Exploits7References4
RedHat Linux
RedHat Linux
•added 2026/04/27 6:20 p.m.•5 views

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7.8CVSS5.4AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/27 6:20 p.m.•4 views

kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check

A flaw was found in the Linux kernel's nftables component. A logic bug in nftmapcatchallactivate causes an inverted element activity check during the abort path of a failed transaction. This can lead to a use-after-free vulnerability, as catchall verdict elements may still reference a freed chain...

7.8CVSS5.3AI score0.00344EPSS
Exploits7References5
RedHat Linux
RedHat Linux
•added 2026/04/27 6:6 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruff: python3-ruff-0.15.11-1.hum1 noarch ruff-0.15.11-1.hum1 aarch64, x8664 ruff-0.15.11-1.hum1.src src...

7.5CVSS6.1AI score0.00573EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/27 5:24 p.m.•11 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: sed: sed-4.10-1.hum1 aarch64, x8664 sed-4.10-1.hum1.src src...

2.1CVSS5.8AI score0.00142EPSS
Exploits0References3
Total number of security vulnerabilities116049