Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•7 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.8AI score0.00332EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•8 views

firefox: Privilege escalation in the Enterprise Policies component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•7 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•7 views

firefox: Spoofing issue in the Form Autofill component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...

6.5CVSS5.2AI score0.00322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•5 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•6 views

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

5.3CVSS5.2AI score0.00298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•8 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•7 views

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

9.6CVSS5.2AI score0.00532EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•6 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.0056EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•9 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

9.8CVSS5.6AI score0.00605EPSS
Exploits0References19
RedHat Linux
RedHat Linux
•added 2026/06/17 2:37 p.m.•8 views

firefox: Privilege escalation in the Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 2:19 p.m.•5 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.2AI score0.00815EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/17 2:19 p.m.•15 views

Important: Red Hat Security Advisory: redhat-ds:12 security update

An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 E4S for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS5.3AI score0.00815EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/17 2:11 p.m.•5 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.2AI score0.00815EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/17 2:11 p.m.•10 views

Important: Red Hat Security Advisory: redhat-ds:11 security update

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 E4S for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS5.3AI score0.00815EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/17 1:40 p.m.•8 views

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.15

Logging for Red Hat OpenShift - 6.0.15 Red Hat OpenShift Logging 6.0.15 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...

8.8CVSS7.1AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•5 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.3AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•5 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•6 views

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

5.4AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•6 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.3AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•6 views

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

7.8CVSS5.5AI score0.00125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•6 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

7.8CVSS5.3AI score0.00227EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•5 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.3AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•10 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

8.8CVSS5.6AI score0.00469EPSS
Exploits4References8
RedHat Linux
RedHat Linux
•added 2026/06/17 1:24 p.m.•4 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: util-linux: libblkid-2.42.2-1.hum1 aarch64, x8664 libblkid-devel-2.42.2-1.hum1 aarch64, x8664 libfdisk-2.42.2-1.hum1 aarch64, x8664 libfdisk-devel-2.42.2-1.hum1 aarch64, x8664...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/17 1:17 p.m.•9 views

Important: Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update

An updated OpenShift Compliance Operator image that fixes various bugs and adds new enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog. The OpenShift Compliance Operator v1.9.1 is now available. See the documentation for bug fix information:...

8.8CVSS7.9AI score0.00621EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 1:11 p.m.•7 views

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

7.1CVSS5.3AI score0.00094EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:11 p.m.•5 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.3AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 1:11 p.m.•6 views

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.1CVSS5.5AI score0.0014EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/17 12:57 p.m.•13 views

Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection

A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...

9.8CVSS7.8AI score0.01557EPSS
Exploits1References12
RedHat Linux
RedHat Linux
•added 2026/06/17 12:50 p.m.•6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

9.1CVSS7.7AI score0.01557EPSS
Exploits2References4
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•14 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security, bug fix, and enhancement update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8CVSS5.8AI score0.00165EPSS
Exploits0References10
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•9 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

7.8CVSS5.8AI score0.00161EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS5.4AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00154EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS5.4AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•9 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

5.5CVSS5.4AI score0.00136EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS5.8AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6AI score0.00165EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:19 p.m.•8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

5.5CVSS5.4AI score0.00127EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 12:10 p.m.•10 views

dovecot: Doveadm: Full access via timing oracle attack in credential verification

A flaw was found in Doveadm, a component of Dovecot. An attacker can exploit a timing oracle vulnerability during the direct comparison of credentials. This allows the attacker to determine the configured credentials, potentially leading to full unauthorized access to the affected component...

7.4CVSS5.4AI score0.00392EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:10 p.m.•7 views

dovecot: denial of service via crafted message before authentication

A flaw was found in dovecot. An unauthenticated and remote attacker can send a crafted message that causes managesieve to allocate an excessive amount of memory, forcing managesieve-login to be unavailable by repeatedly crashing the process, resulting in a denial of service...

7.5CVSS5.4AI score0.0079EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:10 p.m.•7 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.5AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:10 p.m.•9 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS5.8AI score0.0079EPSS
Exploits3References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:10 p.m.•6 views

dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command

A flaw was found in ManageSieve. A remote attacker can exploit this vulnerability by sending a crafted SASL Simple Authentication and Security Layer initial response during the AUTHENTICATE command. This can cause the ManageSieve service to crash repeatedly, leading to a Denial of Service DoS for...

7.5CVSS5.5AI score0.00703EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•25 views

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

8.8CVSS5.5AI score0.00244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•5 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.6AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•10 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.4AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•7 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

7.5CVSS5.4AI score0.00341EPSS
Exploits0References5
Total number of security vulnerabilities114833