114828 matches found
Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview
A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...
Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview
A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...
Moderate: Red Hat Security Advisory: vim security update
An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
vim: Vim: Command injection allows arbitrary code execution via malicious tag files
A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...
vim: Vim: Command injection allows arbitrary code execution via malicious tag files
A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...
Moderate: Red Hat Security Advisory: vim security update
An update for vim is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison
A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...
Important: Red Hat Security Advisory: postgresql:13 security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssl-fips-provider: openssl-fips-provider-3.0.7-1.2.hum1 aarch64, x8664 openssl-fips-provider-so-3.0.7-1.2.hum1 aarch64, x8664 openssl-fips-provider-3.0.7-1.2.hum1.src src...
Important: Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.6.12
Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images. Assisted Installer RHEL 8 integrates components for the general multicluster engine for Kubernetes 2.6.12 release that simplify the process of...
urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers
A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...
Important: Red Hat Security Advisory: python3.14-urllib3 security update
An update for python3.14-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
urllib3: urllib3: Denial of Service due to excessive HTTP response decompression
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...
urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers
A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...
Important: Red Hat Security Advisory: python3.12-urllib3 security update
An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
urllib3: urllib3: Denial of Service due to excessive HTTP response decompression
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...
Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.6.12
Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.6.12 release that simplify the process of...
urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers
A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...
Important: Red Hat Security Advisory: python-urllib3 security update
An update for python-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
urllib3: urllib3: Denial of Service due to excessive HTTP response decompression
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...
postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...
postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison
A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...
Important: Red Hat Security Advisory: postgresql:16 security update
An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...