Lucene search
K
RedhatRecent

114793 matches found

RedHat Linux
RedHat Linux
•added 2026/06/23 6:48 p.m.•5 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 6:47 p.m.•11 views

Important: Red Hat Security Advisory: Satellite 6.18.6 Async Update

A new release is now available for Red Hat Satellite 6.18 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.9CVSS6.8AI score0.00534EPSS
Exploits1References9
RedHat Linux
RedHat Linux
•added 2026/06/23 6:47 p.m.•5 views

pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image

A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...

8.6CVSS7.2AI score0.00367EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/23 6:47 p.m.•6 views

c3p0: c3p0: Arbitrary Code Execution via deserialization of crafted objects

A flaw was found in c3p0, a Java Database Connectivity JDBC Connection pooling library. This vulnerability allows an attacker to achieve arbitrary code execution by providing maliciously crafted Java-serialized objects or javax.naming.Reference instances. By manipulating the userOverridesAsString...

8.9CVSS6.5AI score0.00534EPSS
Exploits0References9
RedHat Linux
RedHat Linux
•added 2026/06/23 6:47 p.m.•6 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS5.8AI score0.00292EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/23 6:42 p.m.•5 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS6AI score0.0016EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/23 6:42 p.m.•6 views

Moderate: Red Hat Security Advisory: opencryptoki security update

An update for opencryptoki is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/06/23 6:39 p.m.•5 views

eda-server: websocket missing authorization allows credential theft via activation_id spoofing

A missing authorization vulnerability was found in the Event-Driven Ansible EDA websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activationid to receive...

9.6CVSS5.9AI score0.0037EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/23 6:39 p.m.•7 views

Critical: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.6CVSS5.9AI score0.0037EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/23 6:28 p.m.•11 views

libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the asn1expendoctetstring function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service DoS condition, making the...

7.5CVSS7.3AI score0.01109EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/23 6:28 p.m.•7 views

Low: Red Hat Security Advisory: libtasn1 security update

An update for libtasn1 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS7.4AI score0.01109EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/23 5:55 p.m.•4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
•added 2026/06/23 5:55 p.m.•5 views

Moderate: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.6CVSS6.8AI score0.01052EPSS
Exploits1References3
RedHat Linux
RedHat Linux
•added 2026/06/23 5:55 p.m.•6 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.5AI score0.00585EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/23 5:33 p.m.•7 views

Important: Red Hat Security Advisory: Red Hat Openshift Mirror Registry v2.0.11

Red Hat Openshift Mirror Registry v2.0.11 Openshift Mirror Registry v2.0.11...

10CVSS6.8AI score0.02667EPSS
Exploits3References12
RedHat Linux
RedHat Linux
•added 2026/06/23 5:23 p.m.•12 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 4:50 p.m.•7 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

8.8CVSS5.8AI score0.00237EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/23 2:58 p.m.•5 views

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

6.6CVSS6.5AI score0.00501EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/23 2:58 p.m.•4 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6CVSS6.4AI score0.00501EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/23 2:34 p.m.•4 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6CVSS6.4AI score0.00501EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/23 2:34 p.m.•7 views

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

6.6CVSS6.5AI score0.00501EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/23 1:42 p.m.•8 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/23 1:42 p.m.•6 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 12:41 p.m.•7 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssl-fips-provider: openssl-fips-provider-3.0.7-1.2.hum1 aarch64, x8664 openssl-fips-provider-so-3.0.7-1.2.hum1 aarch64, x8664 openssl-fips-provider-3.0.7-1.2.hum1.src src...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/23 10:55 a.m.•5 views

Important: Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.6.12

Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images. Assisted Installer RHEL 8 integrates components for the general multicluster engine for Kubernetes 2.6.12 release that simplify the process of...

7.5CVSS7.3AI score0.00651EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/23 10:55 a.m.•4 views

urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...

8.2CVSS5.9AI score0.00527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:55 a.m.•9 views

Important: Red Hat Security Advisory: python3.14-urllib3 security update

An update for python3.14-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:55 a.m.•5 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:51 a.m.•6 views

urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...

8.2CVSS5.9AI score0.00527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:51 a.m.•5 views

Important: Red Hat Security Advisory: python3.12-urllib3 security update

An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:51 a.m.•4 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:51 a.m.•6 views

Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.6.12

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.6.12 release that simplify the process of...

7.5CVSS5.9AI score0.00615EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/23 10:47 a.m.•5 views

urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...

8.2CVSS5.9AI score0.00527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:47 a.m.•6 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:47 a.m.•5 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:39 a.m.•5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:39 a.m.•7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:39 a.m.•7 views

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6AI score0.00668EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...

7.5CVSS5.8AI score0.0027EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00318EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00693EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...

8.1CVSS5.8AI score0.00304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/23 10:11 a.m.•3 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00399EPSS
Exploits0References5
Total number of security vulnerabilities114793