Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/15 9:28 p.m.•6 views

Important: Red Hat Security Advisory: Kiali 1.73.32 for Red Hat OpenShift Service Mesh 2.6

Kiali 1.73.32 for Red Hat OpenShift Service Mesh 2.6 is now available. An update is now available for Red Hat OpenShift Service Mesh 2.6. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Comm...

9.2CVSS5.9AI score0.00848EPSS
Exploits1References3
RedHat Linux
RedHat Linux
•added 2026/06/15 9:7 p.m.•7 views

Important: Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage

A Subscription Management tool for finding and reporting Red Hat product usage Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their...

9.8CVSS6AI score0.0068EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:47 p.m.•10 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.5AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:47 p.m.•7 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...

7.5CVSS5.3AI score0.00349EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/15 7:47 p.m.•13 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.7AI score0.00651EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/15 3:32 p.m.•8 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 3:32 p.m.•9 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 3:3 p.m.•15 views

Moderate: Red Hat Security Advisory: yggdrasil-worker-package-manager security update

An update for yggdrasil-worker-package-manager is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 3:3 p.m.•8 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7AI score0.00292EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/15 2:59 p.m.•8 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.7AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 2:59 p.m.•9 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.7AI score0.12797EPSS
Exploits7References6
RedHat Linux
RedHat Linux
•added 2026/06/15 2:59 p.m.•6 views

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.3AI score0.00261EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 2:59 p.m.•7 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.2AI score0.00939EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 2:59 p.m.•6 views

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.3AI score0.00862EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 2:59 p.m.•7 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.3AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
•added 2026/06/15 2:53 p.m.•15 views

Important: Red Hat Security Advisory: Cluster Observability Operator 1.5.0

The Cluster Observability Operator COO is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions CRDs. The 1.5 release of COO...

9.9CVSS6.5AI score0.01186EPSS
Exploits2References7
RedHat Linux
RedHat Linux
•added 2026/06/15 10:36 a.m.•7 views

postfix: buffer over-read via malformed enhanced status code

A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:36 a.m.•8 views

Important: Red Hat Security Advisory: postfix security update

An update for postfix is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.2AI score0.00462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00399EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•7 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...

7.5CVSS5.5AI score0.0027EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.5AI score0.00318EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.5AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6.5AI score0.00602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6.2AI score0.00693EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•11 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...

8.1CVSS5.5AI score0.00304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.2AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.5AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•11 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.5AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•10 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS6.6AI score0.00693EPSS
Exploits0References17
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.5AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.5AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:20 a.m.•8 views

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

5.5CVSS5.2AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 10:18 a.m.•10 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References6
RedHat Linux
RedHat Linux
•added 2026/06/15 10:18 a.m.•10 views

Important: Red Hat Security Advisory: valkey security update

An update for valkey is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS6.8AI score0.02995EPSS
Exploits4References4
RedHat Linux
RedHat Linux
•added 2026/06/15 10:18 a.m.•12 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 10:18 a.m.•11 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.5AI score0.01782EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 10:7 a.m.•32 views

Important: Red Hat Security Advisory: postfix security update

An update for postfix is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 10:7 a.m.•9 views

postfix: buffer over-read via malformed enhanced status code

A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/15 8:51 a.m.•11 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.7 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.7 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

8.9CVSS5.3AI score0.0068EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•11 views

mysql: DML unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS6.8AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•11 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

4.9CVSS6.8AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•7 views

mysql: JSON unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•13 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS6.8AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•7 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•8 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•10 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS6.8AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 7:54 a.m.•8 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
Total number of security vulnerabilities114833