Lucene search
K
RedhatRecent

114931 matches found

RedHat Linux
RedHat Linux
•added 2026/06/03 7:15 a.m.•13 views

Moderate: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syst...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/06/03 5:56 a.m.•9 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

7.5CVSS6.1AI score0.00375EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 5:56 a.m.•8 views

firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

7.5CVSS5.7AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 5:56 a.m.•12 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

9.6CVSS6AI score0.00375EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 5:56 a.m.•7 views

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

9.6CVSS5.7AI score0.00258EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 5:56 a.m.•9 views

firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

8.8CVSS6.1AI score0.00316EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 5:6 a.m.•13 views

OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...

8.1CVSS6AI score0.00247EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/03 5:6 a.m.•13 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

2.5CVSS5.8AI score0.0013EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/03 5:6 a.m.•13 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS5.9AI score0.00176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/03 5:6 a.m.•10 views

OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage

A flaw was found in OpenSSH. This vulnerability allows the system to use unintended Elliptic Curve Digital Signature Algorithm ECDSA algorithms. This occurs because the configuration for accepted public key algorithms is misinterpreted, leading to the use of weaker cryptographic methods than...

6.5CVSS5.7AI score0.00237EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/03 5:6 a.m.•19 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/03 5:6 a.m.•14 views

Important: Red Hat Security Advisory: openssh update

An update for openssh is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 5:5 a.m.•10 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 5:5 a.m.•14 views

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

7.1CVSS5.8AI score0.00094EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 5:5 a.m.•13 views

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/03 5:0 a.m.•9 views

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/03 5:0 a.m.•8 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 4:57 a.m.•9 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/03 4:57 a.m.•9 views

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/06/03 4:53 a.m.•23 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/03 4:53 a.m.•13 views

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/06/03 3:28 a.m.•14 views

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00261EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 3:28 a.m.•46 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.9AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 3:28 a.m.•3 views

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.3AI score0.00862EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 3:28 a.m.•3 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.2AI score0.00939EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/03 3:28 a.m.•26 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.4AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
•added 2026/06/03 3:28 a.m.•14 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS5.9AI score0.12797EPSS
Exploits7References4
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•12 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.7AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•9 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•9 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.9AI score0.00429EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•12 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.7AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•11 views

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

8.6CVSS5.7AI score0.00344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•12 views

firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•22 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References20
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•14 views

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

5.3CVSS5.7AI score0.00298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•12 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

9.6CVSS5.7AI score0.00417EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•12 views

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

9.6CVSS5.7AI score0.00532EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•9 views

firefox: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.7AI score0.00372EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•11 views

firefox: Privilege escalation in the Enterprise Policies component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...

8.8CVSS5.7AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•12 views

firefox: Spoofing issue in the Form Autofill component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...

6.5CVSS5.7AI score0.00322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•17 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.0056EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•11 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.8AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•11 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•10 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.7AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•13 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.9AI score0.00332EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•11 views

firefox: Privilege escalation in the Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...

8.8CVSS5.7AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/03 1:1 a.m.•15 views

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

9.8CVSS5.7AI score0.00313EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/02 10:29 p.m.•12 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/02 10:29 p.m.•10 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/02 10:29 p.m.•11 views

PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation

A flaw was found in PHP, specifically within the PHP-FPM status page. Due to improper sanitation of user data, a remote attacker can craft a malicious URL. When a user views the PHP-FPM status page with this crafted URL, it can lead to the execution of arbitrary JavaScript code Cross-Site Scripti...

8.8CVSS6.1AI score0.0021EPSS
Exploits1References5
Total number of security vulnerabilities114931