114788 matches found

RedHat Linux • added yesterday • 5 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA (Advanced Linux Sound Architecture) aloop driver. This Use-After-Free (UAF) vulnerability occurs when loopback_check_format stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

CVSS 7.8 • AI score 6.8 • EPSS 0.00103 • Exploits 0 • References 5

RedHat Linux • added yesterday • 7 views

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 9.8 • AI score 6.1 • EPSS 0.00475 • Exploits 0 • References 10

RedHat Linux • added 2 days ago • 4 views

Important: Red Hat Security Advisory: giflib security update

An update for giflib is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 8.2 • AI score 7.5 • EPSS 0.00488 • Exploits 1 • References 2

RedHat Linux • added 2 days ago • 4 views

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

CVSS 8.2 • AI score 7.6 • EPSS 0.00488 • Exploits 1 • References 5

RedHat Linux • added 2 days ago • 4 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.11: python3.11-3.11.15-4.3.hum1 aarch64, x86_64 python3.11-debug-3.11.15-4.3.hum1 aarch64, x86_64 python3.11-devel-3.11.15-4.3.hum1 aarch64, x86_64 python3.11-idle-3.11.15-4.3.hum1 aarch64,...

CVSS 6.1 • AI score 5.8 • EPSS 0.00229 • Exploits 1 • References 3

RedHat Linux • added 2 days ago • 5 views

Important: Red Hat Security Advisory: giflib security update

An update for giflib is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 8.2 • AI score 7.5 • EPSS 0.00488 • Exploits 1 • References 2

RedHat Linux • added 2 days ago • 4 views

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

CVSS 8.2 • AI score 7.6 • EPSS 0.00488 • Exploits 1 • References 5

RedHat Linux • added 2 days ago • 6 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs26: nodejs26-26.4.0-1.3.hum1 aarch64, x86_64 nodejs26-bin-26.4.0-1.3.hum1 noarch nodejs26-devel-26.4.0-1.3.hum1 aarch64, x86_64 nodejs26-docs-26.4.0-1.3.hum1 noarch...

CVSS 8.7 • AI score 5.8 • EPSS 0.00361 • Exploits 0 • References 3

RedHat Linux • added 2 days ago • 4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libxml2: libxml2-16-2.15.3-0.1.1.hum1 aarch64, x86_64 libxml2-2.15.3-0.1.1.hum1 aarch64, x86_64 libxml2-devel-2.15.3-0.1.1.hum1 aarch64, x86_64 libxml2-static-2.15.3-0.1.1.hum1 aarch64, x86_64...

CVSS 7.8 • AI score 5.8 • EPSS 0.00148 • Exploits 0 • References 3

RedHat Linux • added 2 days ago • 5 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA (Remote Direct Memory Access) vmw_pvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdma_alloc_ucontext...

CVSS 7.8 • AI score 5.8 • EPSS 0.00138 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 5 views

kernel: gfs2: Fix use-after-free in iomap inline data write path

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

CVSS 7.8 • AI score 6.6 • EPSS 0.00238 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 7 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8 • AI score 6.5 • EPSS 0.00238 • Exploits 0 • References 4

RedHat Linux • added 2 days ago • 5 views

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsit_dec_conn_usage_count function, complete() is called while still holding the conn->conn_usage_lock spinlock. The waiting thread (such as iscsit_close_connection) may wake up immediately and free the iscsit_conn structure...

CVSS 7.8 • AI score 5.7 • EPSS 0.00117 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 5 views

Moderate: Red Hat Security Advisory: rrdtool security update

An update for rrdtool is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.8 • AI score 6 • EPSS 0.00131 • Exploits 0 • References 2

RedHat Linux • added 2 days ago • 4 views

rrdtool: rrdtool: Stack buffer overflow allows local code execution or denial of service

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

CVSS 7.8 • AI score 6.4 • EPSS 0.00131 • Exploits 0 • References 4

RedHat Linux • added 2 days ago • 6 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: gzip: gzip-1.14-2.2.hum1 aarch64, x86_64 gzip-1.14-2.2.hum1.src src Security Fixes: gzip: CVE-2026-41911 CVE-2026-41991...

CVSS 6.5 • AI score 5.8 • EPSS 0.00326 • Exploits 0 • References 4

RedHat Linux • added 2 days ago • 3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

CVSS 7.5 • AI score 6.7 • EPSS 0.00651 • Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for...

CVSS 7.5 • AI score 7.1 • EPSS 0.00349 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 3 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

CVSS 7.5 • AI score 7.1 • EPSS 0.00615 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 3 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

CVSS 7.5 • AI score 7.1 • EPSS 0.00621 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 3 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 • AI score 7.2 • EPSS 0.00728 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 4 views

Important: Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5 • AI score 6.8 • EPSS 0.00728 • Exploits 0 • References 6

RedHat Linux • added 2 days ago • 3 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA (Remote Direct Memory Access) vmw_pvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdma_alloc_ucontext...

CVSS 7.8 • AI score 5.8 • EPSS 0.00138 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 3 views

kernel: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()

A flaw was found in the Linux kernel's RDMA/mlx5 component. An error path fall-through in the mlx5_ib_dev_res_srq_init function, specifically when ib_create_srq fails, can lead to the use of freed memory and error pointers. This memory corruption vulnerability could result in system instability, denial ...

CVSS 7.8 • AI score 7 • EPSS 0.00142 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 3 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA (Advanced Linux Sound Architecture) USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

CVSS 7.8 • AI score 5.8 • EPSS 0.00123 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 3 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA (Advanced Linux Sound Architecture) aloop driver. This Use-After-Free (UAF) vulnerability occurs when loopback_check_format stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

CVSS 7.8 • AI score 6.8 • EPSS 0.00103 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 6 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.8 • AI score 6.6 • EPSS 0.00142 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 7 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruby3.3: ruby3.3-3.3.10-23.2.hum1 aarch64, x86_64 ruby3.3-bundled-gems-3.3.10-23.2.hum1 aarch64, x86_64 ruby3.3-default-gems-3.3.10-23.2.hum1 noarch ruby3.3-devel-3.3.10-23.2.hum1 aarch64, x86_64...

CVSS 7.6 • AI score 5.8 • EPSS 0.0041 • Exploits 0 • References 5

RedHat Linux • added 2 days ago • 5 views

Important: Red Hat Security Advisory: ruby:4.0 security update

An update for the ruby:4.0 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.6 • AI score 5.8 • EPSS 0.00685 • Exploits 0 • References 4

RedHat Linux • added 2 days ago • 3 views

ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments

A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...

CVSS 7.1 • AI score 6 • EPSS 0.00685 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 4 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

CVSS 7.5 • AI score 5.7 • EPSS 0.0041 • Exploits 0 • References 11

RedHat Linux • added 2 days ago • 4 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 • AI score 5.7 • EPSS 0.00312 • Exploits 0 • References 12

RedHat Linux • added 2 days ago • 4 views

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 5

RedHat Linux • added 2 days ago • 8 views

Low: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 2

RedHat Linux • added 2 days ago • 6 views

Important: Red Hat Security Advisory: Red Hat Quay 3.10.23

Red Hat Quay 3.10.23 is now available with bug fixes. Quay 3.10.23...

CVSS 9.2 • AI score 6.5 • EPSS 0.00848 • Exploits 3 • References 7

RedHat Linux • added 2 days ago • 6 views

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 5

RedHat Linux • added 2 days ago • 10 views

Low: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 2

RedHat Linux • added 2 days ago • 4 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing (pedit) subsystem. In tcf_pedit_act, the copy-on-write (COW) range for skb_ensure_writable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

CVSS 7.8 • AI score 7.2 • EPSS 0.00259 • Exploits 9 • References 6

RedHat Linux • added 2 days ago • 5 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux for NVIDIA. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.8 • AI score 7.2 • EPSS 0.00259 • Exploits 9 • References 3

RedHat Linux • added 2 days ago • 4 views

Important: Red Hat Security Advisory: ruby:3.3 security update

An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.6 • AI score 5.8 • EPSS 0.00685 • Exploits 0 • References 4

RedHat Linux • added 2 days ago • 3 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

CVSS 7.5 • AI score 5.7 • EPSS 0.0041 • Exploits 0 • References 11

RedHat Linux • added 2 days ago • 3 views

ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments

A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...

CVSS 7.1 • AI score 6 • EPSS 0.00685 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 4 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 • AI score 5.7 • EPSS 0.00312 • Exploits 0 • References 12

RedHat Linux • added 2 days ago • 6 views

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 5

RedHat Linux • added 2 days ago • 6 views

Low: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 2

RedHat Linux • added 2 days ago • 3 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 • AI score 5.7 • EPSS 0.00312 • Exploits 0 • References 12

RedHat Linux • added 2 days ago • 3 views

ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments

A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...

CVSS 7.1 • AI score 6 • EPSS 0.00685 • Exploits 0 • References 8

RedHat Linux • added 2 days ago • 5 views

Important: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.6 • AI score 5.8 • EPSS 0.00685 • Exploits 0 • References 3

RedHat Linux • added 2 days ago • 4 views

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 5

RedHat Linux • added 2 days ago • 5 views

Low: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 • AI score 5.9 • EPSS 0.02298 • Exploits 1 • References 2

Total number of security vulnerabilities: 114788