Lucene search
K
RedhatRecent

116578 matches found

RedHat Linux
RedHat Linux
•added 2026/04/28 3:18 p.m.•5 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS8.3AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/04/28 3:7 p.m.•8 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS8.6AI score0.01545EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/04/28 3:7 p.m.•7 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS8.3AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/04/28 3:1 p.m.•7 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8CVSS5.5AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 3:1 p.m.•7 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.4AI score0.00264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 3:1 p.m.•8 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS5.7AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 3:1 p.m.•9 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.2AI score0.0025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 1:55 p.m.•9 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

9.8CVSS6.5AI score0.00454EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/04/28 1:55 p.m.•6 views

LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading

A flaw was found in LibRaw. A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality. A remote attacker can exploit this by providing a specially crafted malicious file. This can lead to arbitrary code execution, allowing the attacker to take control of the...

9.8CVSS6.1AI score0.00746EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/04/28 1:55 p.m.•8 views

Important: Red Hat Security Advisory: LibRaw security update

An update for LibRaw is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.4AI score0.00746EPSS
Exploits2References3
RedHat Linux
RedHat Linux
•added 2026/04/28 11:29 a.m.•7 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8CVSS5.5AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 11:29 a.m.•5 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.2AI score0.0025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 11:29 a.m.•4 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS5.7AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 11:29 a.m.•4 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.4AI score0.00264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/04/28 11:27 a.m.•7 views

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

6.2CVSS5.4AI score0.00144EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/04/28 11:27 a.m.•5 views

libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...

6.2CVSS5.1AI score0.00144EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 9:49 a.m.•6 views

Important: Red Hat Security Advisory: kea security update

An update for kea is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS8.6AI score0.01361EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/04/28 9:49 a.m.•7 views

Kea: Kea: Denial of Service via maliciously crafted message

A flaw was found in Kea. A remote attacker can send a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener. This can cause a stack overflow error, leading to the daemon exiting and resulting in a Denial of...

7.5CVSS8.6AI score0.01361EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/04/28 8:57 a.m.•7 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: perl-Socket: perl-Socket-2.041-1.hum1 aarch64, x8664 perl-Socket-tests-2.041-1.hum1 aarch64, x8664 perl-Socket-2.041-1.hum1.src src...

9.1CVSS5.2AI score0.00389EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/28 8:57 a.m.•3 views

perl-Socket: perl-Socket: Information Disclosure due to Out-of-Bounds Read

A flaw was found in the perl-Socket component. The packipmreqsource function, which handles network socket operations, contains an out-of-bounds heap read vulnerability. An attacker providing a specially crafted input can cause the system to read beyond the intended memory buffer, potentially...

9.1CVSS0.00389EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:54 a.m.•6 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.00426EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/28 7:54 a.m.•7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:54 a.m.•6 views

FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately ...

7.5CVSS5.6AI score0.00426EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:43 a.m.•8 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS6AI score0.00426EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/28 7:43 a.m.•15 views

FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately ...

7.5CVSS4.8AI score0.00426EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:43 a.m.•7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS7.1AI score0.00961EPSS
Exploits2References19
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack

A flaw was found in WebKitGTK. A maliciously crafted web page can cause a logic issue due to improper checks and result in a cross-site scripting attack...

4.3CVSS4.8AI score0.00276EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.00572EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...

4.3CVSS5.1AI score0.00276EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.0072EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...

5.4CVSS5.8AI score0.00354EPSS
Exploits2References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.0038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

4.3CVSS5.2AI score0.00266EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6.7AI score0.00559EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.7AI score0.00961EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: A remote attacker may be able to cause a denial-of-service

A flaw was found in WebKitGTK. A remote attacker may be able to cause a denial-of-service due to improper memory handling...

7.5CVSS7.5AI score0.00608EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.00295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.5AI score0.00295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management...

8.8CVSS7.5AI score0.00229EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.2AI score0.00423EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•7 views

webkitgtk: A malicious website may be able to process restricted web content outside the sandbox

A flaw was found in WebKitGTK. A maliciously crafted web page may be able to process restricted web content outside the sandbox due to improper memory handling...

8.8CVSS5.1AI score0.00636EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•5 views

webkitgtk: A website may be able to track users through Safari web extensions

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management...

5.3CVSS7.5AI score0.00222EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper state management...

6.5CVSS5.2AI score0.0061EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:40 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.00731EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/04/28 7:39 a.m.•5 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.00426EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/04/28 7:39 a.m.•7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:39 a.m.•5 views

FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately ...

7.5CVSS5.6AI score0.00426EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/04/28 7:20 a.m.•16 views

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS5.7AI score0.01069EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/04/28 7:20 a.m.•7 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS5.8AI score0.01069EPSS
Exploits1References5
Total number of security vulnerabilities116578