Lucene search
K
RedhatRecent

114948 matches found

RedHat Linux
RedHat Linux
•added 2026/05/27 10:37 a.m.•15 views

Important: Red Hat Security Advisory: .NET 10.0 security update

An update for .NET 10.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:14 a.m.•17 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:14 a.m.•17 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:12 a.m.•15 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:12 a.m.•19 views

Important: Red Hat Security Advisory: .NET 10.0 security update

An update for .NET 10.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:3 a.m.•14 views

serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:3 a.m.•11 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:3 a.m.•16 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•15 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS6AI score0.00176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•17 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

2.5CVSS5.8AI score0.0013EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•40 views

OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...

8.1CVSS6AI score0.00247EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•13 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•20 views

OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage

A flaw was found in OpenSSH. This vulnerability allows the system to use unintended Elliptic Curve Digital Signature Algorithm ECDSA algorithms. This occurs because the configuration for accepted public key algorithms is misinterpreted, leading to the use of weaker cryptographic methods than...

6.5CVSS5.7AI score0.00237EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•20 views

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 9:41 a.m.•11 views

serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 9:41 a.m.•13 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 9:41 a.m.•15 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/27 9:4 a.m.•10 views

serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 9:4 a.m.•18 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/27 9:4 a.m.•16 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 8:55 a.m.•27 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 security and extras update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...

9.8CVSS6.9AI score0.01735EPSS
Exploits3References9
RedHat Linux
RedHat Linux
•added 2026/05/27 7:45 a.m.•24 views

Critical: Red Hat Security Advisory: Red Hat Update Infrastructure 5.1 security update

The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...

9.8CVSS6.8AI score0.61469EPSS
Exploits42References32
RedHat Linux
RedHat Linux
•added 2026/05/27 7:22 a.m.•15 views

libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

7CVSS5.7AI score0.00188EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/27 7:22 a.m.•18 views

Important: Red Hat Security Advisory: libcap security update

An update for libcap is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7CVSS5.8AI score0.00188EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/27 7:20 a.m.•11 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/27 7:20 a.m.•16 views

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.19.32 security update

Red Hat build of MicroShift release 4.19.32 is now available with updates to packages and images that include a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•15 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.8AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•33 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS5.8AI score0.00193EPSS
Exploits0References10
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•36 views

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•17 views

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS5.8AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•19 views

kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•24 views

kernel: proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

7.8CVSS5.8AI score0.00193EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•16 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS5.9AI score0.00091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•15 views

kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the traffic control actct path when it is incorrectly configured with non-ingress egress qdiscs queueing disciplines. This can allow a local user with specific privileges to trigger a kernel crash, leading to a denial ...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•15 views

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•16 views

kernel: scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

5.8AI score0.00171EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/26 11:31 p.m.•13 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: postgresql17: postgresql17-17.10-0.1.hum1 aarch64, x8664 postgresql17-contrib-17.10-0.1.hum1 aarch64, x8664 postgresql17-docs-17.10-0.1.hum1 aarch64, x8664 postgresql17-plperl-17.10-0.1.hum1...

8.8CVSS5.8AI score0.00558EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/26 5:12 p.m.•19 views

Important: Red Hat Security Advisory: Red Hat Quay 3.14.8

Red Hat Quay 3.14.8 is now available with bug fixes. Quay 3.14.8...

10CVSS6.9AI score0.01945EPSS
Exploits9References26
RedHat Linux
RedHat Linux
•added 2026/05/26 3:39 p.m.•15 views

Important: Red Hat Security Advisory: OpenShift Virtualization v4.16 Images

Red Hat OpenShift Virtualization release v4.16 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

9.9CVSS5.8AI score0.00596EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/26 3:35 p.m.•11 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.7AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/26 3:35 p.m.•19 views

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

7.1CVSS5.8AI score0.00094EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/26 3:35 p.m.•23 views

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/26 2:55 p.m.•23 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update

Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...

9.6CVSS5.8AI score0.00505EPSS
Exploits2References5
RedHat Linux
RedHat Linux
•added 2026/05/26 2:54 p.m.•17 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.6 security update

Important: Red Hat OpenShift GitOps v1.18.6 security update An update is now available for Red Hat OpenShift GitOps...

9.8CVSS6.5AI score0.01735EPSS
Exploits2References7
RedHat Linux
RedHat Linux
•added 2026/05/26 2:49 p.m.•20 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update

Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...

9.8CVSS6.6AI score0.01735EPSS
Exploits4References7
RedHat Linux
RedHat Linux
•added 2026/05/26 2:30 p.m.•13 views

Moderate: Red Hat Security Advisory: corosync security update

An update for corosync is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References3
RedHat Linux
RedHat Linux
•added 2026/05/26 2:30 p.m.•19 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/26 2:30 p.m.•12 views

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.8AI score0.00994EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/26 2:29 p.m.•23 views

Important: Red Hat Security Advisory: RHACS 4.9.7 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

10CVSS6.7AI score0.01815EPSS
Exploits19References20
RedHat Linux
RedHat Linux
•added 2026/05/26 12:59 p.m.•14 views

Apache Tomcat: Apache Tomcat: Authentication bypass via client certificate misconfiguration

A flaw was found in Apache Tomcat where OCSP-based certificate validation may incorrectly soft-fail during CLIENTCERT authentication, even when soft-fail is disabled, under certain FFM-related execution paths. This can result in client certificates being accepted despite failed or unverifiable...

6.5CVSS5.9AI score0.00469EPSS
Exploits0References5
Total number of security vulnerabilities114948