Lucene search
K
RedhatRecent

115618 matches found

RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•23 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.7AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•19 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.8AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•18 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.9AI score0.00429EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•20 views

firefox: Spoofing issue in the Form Autofill component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...

6.5CVSS5.7AI score0.00322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•15 views

firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•16 views

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

5.3CVSS5.7AI score0.00298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•19 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.7AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•18 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•18 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.0056EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•16 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.9AI score0.00332EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•19 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References19
RedHat Linux
RedHat Linux
•added 2026/05/27 4:12 p.m.•18 views

firefox: Privilege escalation in the Enterprise Policies component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...

8.8CVSS5.7AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 4:6 p.m.•14 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

9.8CVSS7.7AI score0.0218EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 2:42 p.m.•22 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.01945EPSS
Exploits8References15
RedHat Linux
RedHat Linux
•added 2026/05/27 1:41 p.m.•20 views

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.8.7 release.

Red Hat Developer Hub 1.8.7 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

10CVSS5.8AI score0.00838EPSS
Exploits8References32
RedHat Linux
RedHat Linux
•added 2026/05/27 1:21 p.m.•13 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libsolv: libsolv-0.7.38-2.hum1 aarch64, x8664 libsolv-demo-0.7.38-2.hum1 aarch64, x8664 libsolv-devel-0.7.38-2.hum1 aarch64, x8664 libsolv-tools-0.7.38-2.hum1 aarch64, x8664...

7.8CVSS5.8AI score0.00399EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:44 a.m.•17 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:44 a.m.•10 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:37 a.m.•16 views

Important: Red Hat Security Advisory: .NET 10.0 security update

An update for .NET 10.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:37 a.m.•21 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:14 a.m.•18 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:14 a.m.•18 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:12 a.m.•15 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:12 a.m.•19 views

Important: Red Hat Security Advisory: .NET 10.0 security update

An update for .NET 10.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/27 10:3 a.m.•14 views

serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:3 a.m.•16 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/27 10:3 a.m.•12 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•15 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS6AI score0.00176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•20 views

OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage

A flaw was found in OpenSSH. This vulnerability allows the system to use unintended Elliptic Curve Digital Signature Algorithm ECDSA algorithms. This occurs because the configuration for accepted public key algorithms is misinterpreted, leading to the use of weaker cryptographic methods than...

6.5CVSS5.7AI score0.00237EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•43 views

OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...

8.1CVSS6AI score0.00247EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•20 views

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•13 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 10:1 a.m.•18 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

2.5CVSS5.8AI score0.0013EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 9:41 a.m.•11 views

serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 9:41 a.m.•13 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 9:41 a.m.•15 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/27 9:4 a.m.•10 views

serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/27 9:4 a.m.•18 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/27 9:4 a.m.•16 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 8:55 a.m.•28 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 security and extras update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...

9.8CVSS6.9AI score0.01735EPSS
Exploits3References9
RedHat Linux
RedHat Linux
•added 2026/05/27 7:45 a.m.•24 views

Critical: Red Hat Security Advisory: Red Hat Update Infrastructure 5.1 security update

The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...

9.8CVSS6.8AI score0.61469EPSS
Exploits44References32
RedHat Linux
RedHat Linux
•added 2026/05/27 7:22 a.m.•15 views

libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

7CVSS5.7AI score0.00188EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/27 7:22 a.m.•18 views

Important: Red Hat Security Advisory: libcap security update

An update for libcap is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7CVSS5.8AI score0.00188EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/27 7:20 a.m.•11 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/27 7:20 a.m.•16 views

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.19.32 security update

Red Hat build of MicroShift release 4.19.32 is now available with updates to packages and images that include a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•37 views

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•16 views

kernel: scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

5.8AI score0.00171EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•15 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.8AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•15 views

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/27 5:41 a.m.•17 views

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS5.8AI score0.00168EPSS
Exploits0References5
Total number of security vulnerabilities115618