Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/15 2:5 a.m.•10 views

Important: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS6.1AI score0.00553EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 2:5 a.m.•8 views

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

7.8CVSS5.9AI score0.00553EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/15 1:56 a.m.•11 views

Moderate: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 1:56 a.m.•13 views

systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References15
RedHat Linux
RedHat Linux
•added 2026/06/15 1:50 a.m.•11 views

libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.4AI score0.00407EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/15 1:50 a.m.•10 views

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

8.8CVSS6.7AI score0.00407EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/15 1:49 a.m.•8 views

gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

7.1CVSS7.5AI score0.00634EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/15 1:49 a.m.•8 views

gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow

A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...

7.8CVSS7.8AI score0.00596EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 1:49 a.m.•8 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS8AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 1:49 a.m.•9 views

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS7.9AI score0.00755EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/15 1:49 a.m.•8 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/15 1:49 a.m.•8 views

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/13 1:24 a.m.•8 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.16.0-1.hum1 aarch64, x8664 nodejs24-bin-24.16.0-1.hum1 noarch nodejs24-devel-24.16.0-1.hum1 aarch64, x8664 nodejs24-docs-24.16.0-1.hum1 noarch...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/12 9:36 p.m.•8 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: kubernetes1.35: kubernetes1.35-1.35.6-1.hum1 aarch64, x8664 kubernetes1.35-client-1.35.6-1.hum1 aarch64, x8664 kubernetes1.35-kubeadm-1.35.6-1.hum1 aarch64, x8664...

5.5CVSS5.8AI score0.00317EPSS
Exploits1References4
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•14 views

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

8.8CVSS5.3AI score0.00244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•31 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.6AI score0.00563EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•11 views

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

7.8CVSS5.3AI score0.00117EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•7 views

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7.8CVSS5.3AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•8 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.6AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•13 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.3AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•7 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.3AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•7 views

kernel: ipv6: use RCU in ip6_output()

A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.2AI score0.00193EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•13 views

kernel: nvme: avoid double free special payload

In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQFSPECIALLOAD when the request is cleaned...

7.8CVSS5.9AI score0.00248EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•11 views

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

7.8CVSS5.9AI score0.00155EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•6 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.4AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•8 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.5AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•10 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.4AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•21 views

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

5.3AI score0.00178EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•20 views

Critical: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On and Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability...

9.8CVSS6.6AI score0.00563EPSS
Exploits0References17
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•7 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.5AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:56 p.m.•8 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8CVSS5.4AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:50 p.m.•10 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS5.8AI score0.00563EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/12 7:50 p.m.•9 views

Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for NVIDIA for RHEL 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

9.8CVSS4.8AI score0.00563EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/12 1:47 p.m.•11 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: krb5: krb5-devel-1.22.2-8.hum1 aarch64, x8664 krb5-libs-1.22.2-8.hum1 aarch64, x8664 krb5-pkinit-1.22.2-8.hum1 aarch64, x8664 krb5-server-1.22.2-8.hum1 aarch64, x8664 krb5-server-ldap-1.22.2-8.hu...

5CVSS5.2AI score0.00261EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/12 12:27 p.m.•6 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: opentelemetry-collector-contrib: opentelemetry-collector-contrib-0.153.0-1.hum1 aarch64, x8664 opentelemetry-collector-contrib-0.153.0-1.hum1.src src...

7.5CVSS5.8AI score0.00326EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/11 7:28 p.m.•6 views

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...

8.7CVSS5.6AI score0.00323EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/11 7:28 p.m.•9 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

10CVSS7.9AI score0.0168EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/11 7:28 p.m.•7 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...

10CVSS8AI score0.0168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/11 2:49 p.m.•12 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.16.2 security update

Red Hat Advanced Cluster Management for Kubernetes 2.16 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.16 images Red Hat Advanced Cluster Management for Kubernetes provides...

10CVSS7.6AI score0.01163EPSS
Exploits6References15
RedHat Linux
RedHat Linux
•added 2026/06/11 2:38 p.m.•16 views

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.11.0 General Availability

The multicluster engine for Kubernetes 2.11 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.11 images The multicluster engine for Kubernetes provides the foundational components that a...

10CVSS7.6AI score0.00838EPSS
Exploits7References10
RedHat Linux
RedHat Linux
•added 2026/06/11 1:58 p.m.•12 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.7AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:58 p.m.•13 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:58 p.m.•12 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:58 p.m.•18 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:58 p.m.•21 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.1AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
•added 2026/06/11 1:57 p.m.•10 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.8AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:57 p.m.•8 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.5AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/11 1:57 p.m.•11 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS7.2AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:57 p.m.•8 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.2AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
•added 2026/06/11 1:57 p.m.•7 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS7.2AI score0.01945EPSS
Exploits0References8
Total number of security vulnerabilities114833