Redhatcve, Recent

206304 matches found

RedhatCVE
added 2026/06/22 2:39 p.m., 6 views

CVE-2026-42089

A flaw was found in Yeoman Environment. This vulnerability allows an attacker to install arbitrary packages and execute code during command-line interface (CLI) bootstrap. This occurs because the software installs missing local generator packages from caller-supplied names without user confirmation...

CVSS 8.6, AI score 6.1, EPSS 0.00139
Exploits: 1, References: 6

RedhatCVE
added 2026/06/22 2:29 p.m., 10 views

CVE-2026-44932

A flaw was found in the wicked DHCP client. A remote attacker, by operating a malicious Dynamic Host Configuration Protocol (DHCP) server, could send specially crafted DHCP replies containing unsanitized strings. This vulnerability allows the attacker to execute arbitrary code on the local machine,...

CVSS 8.8, AI score 6.3, EPSS 0.00297
Exploits: 0, References: 9

RedhatCVE
added 2026/06/22 2:7 p.m., 8 views

CVE-2026-12205

A flaw was found in Crypt::DSA, a Perl module for Digital Signature Algorithm (DSA) cryptography. This vulnerability occurs because the software reuses a unique random number, known as a nonce, for multiple digital signatures generated with the same cryptographic key. An attacker could exploit this...

CVSS 9.1, AI score 5.8, EPSS 0.00289
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 1:55 p.m., 6 views

CVE-2026-52911

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker to gain unauthorized access to session information or resources by exploiting an improper scope in the session binding mechanism. This could potentially compromise the integrity or confidentiality o...

CVSS 8.8, AI score 5.8, EPSS 0.00362
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 1:54 p.m., 8 views

CVE-2026-52909

A flaw was found in the Linux kernel, specifically within the IPv6 Virtual Tunnel Interface (ip6vti) component. This vulnerability occurs because a critical flag, netnsimmutable, is not properly set on a specific network device (ip6vti0) when it is initialized. This oversight could allow the device t...

CVSS 7.8, AI score 5.8, EPSS 0.00119
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 1:54 p.m., 6 views

CVE-2026-47210

A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This sandbox escape vulnerability allows an attacker to execute arbitrary code in the host process. This occurs when untrusted code is executed with asynchronous (async) support on runtimes that expose WebAssembly...

CVSS 9.8, AI score 6.1, EPSS 0.00507
Exploits: 0, References: 6

RedhatCVE
added 2026/06/22 1:43 p.m., 9 views

CVE-2026-52908

A flaw was found in the Linux kernel. This vulnerability occurs during the re-registration of a Remote Direct Memory Access (RDMA) memory region. If the memory's access permissions are changed from read-only to read-write, the system may fail to properly update and secure the underlying user memory...

CVSS 7.8, AI score 5.6, EPSS 0.00129
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 1:39 p.m., 10 views

CVE-2026-52910

A flaw was found in the Linux kernel's Berkeley Packet Filter (BPF) reuseport mechanism. When a cBPF program is detached from a reuseport group, it is freed immediately without waiting for Read-Copy-Update (RCU) readers to complete. This can lead to a use-after-free condition, resulting in memory...

CVSS 7.8, AI score 5.8, EPSS 0.00102
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 1:16 p.m., 9 views

CVE-2026-55202

A flaw was found in Tinyproxy. This vulnerability allows unauthenticated remote attackers to gain unauthorized access to internal proxy statistics or misroute requests. This is possible due to improper validation of the Host header during stathost detection, which can be exploited by injecting a...

CVSS 8.8, AI score 5.9, EPSS 0.00335
Exploits: 0, References: 2

RedhatCVE
added 2026/06/22 1:9 p.m., 6 views

CVE-2026-43994

A flaw was found in Coturn, an open-source TURN and STUN server. A remote attacker can exploit a stack buffer overflow vulnerability by providing a specially crafted OAuth access token when the server is configured to use --oauth mode. This could lead to arbitrary code execution (RCE), allowing the...

CVSS 9.8, AI score 6.8, EPSS 0.0045
Exploits: 1, References: 2

RedhatCVE
added 2026/06/22 1:3 p.m., 7 views

CVE-2026-48772

A flaw was found in ProxySQL, a proxy for MySQL and its forks, as well as PostgreSQL. A remote attacker can exploit this vulnerability by sending a specially crafted PROXY protocol version 1 (PP1) header with an 'UNKNOWN' protocol token. Despite the specification requiring these address fields to b...

CVSS 10, AI score 5.8, EPSS 0.00185
Exploits: 0, References: 2

RedhatCVE
added 2026/06/22 1:1 p.m., 7 views

CVE-2025-70102

A flaw was found in dhcpcd. A specially crafted configuration input may cause the parseoption function to dereference a NULL pointer while processing malformed option data. This issue may result in application termination and a denial of service condition. Mitigation: Red Hat is not aware of a...

CVSS 6.3, AI score 5.7, EPSS 0.00169
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 12:46 p.m., 8 views

CVE-2026-54100

A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture...

CVSS 8.3, AI score 5.9, EPSS 0.00182
Exploits: 0, References: 3

RedhatCVE
added 2026/06/22 12:45 p.m., 10 views

CVE-2026-54099

A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

CVSS 8.8, AI score 5.8, EPSS 0.00073
Exploits: 0, References: 3

RedhatCVE
added 2026/06/22 12:27 p.m., 7 views

CVE-2026-33245

A flaw was found in React Router. This vulnerability, a type of Cross-Site Scripting (XSS), affects applications utilizing React Router's unstable React Server Components (RSC) APIs. A remote attacker could exploit this by sending untrusted redirects, leading to the execution of malicious scripts in...

CVSS 8, AI score 6, EPSS 0.00188
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 12:21 p.m., 5 views

CVE-2026-50589

A flaw was found in OpenStack Ironic. An unauthenticated malicious user could exploit this vulnerability by submitting a specially crafted JSON (JavaScript Object Notation) string to certain API (Application Programming Interface) or JSON-RPC (Remote Procedure Call) service endpoints. This could lead t...

CVSS 7.5, AI score 5.8, EPSS 0.00433
Exploits: 0, References: 4

RedhatCVE
added 2026/06/22 12:18 p.m., 9 views

CVE-2026-55392

A flaw was found in NILFS utilities. An attacker can exploit this vulnerability by supplying a crafted NILFS2 image. This can lead to undefined behavior, oversized shifts, or out-of-memory conditions, ultimately causing a Denial of Service (DoS) by crashing tools such as nilfs-tune and dumpseg...

CVSS 6.7, AI score 5.8, EPSS 0.00105
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 12:18 p.m., 7 views

CVE-2026-42573

A flaw was found in Svelte, a web framework. An attacker could exploit a DOM clobbering vulnerability, which allows manipulation of the Document Object Model (DOM) to overwrite internal framework state on elements. This could potentially lead to Cross-Site Scripting (XSS) attacks, enabling the attack...

CVSS 8.1, AI score 5.8, EPSS 0.00319
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 12:11 p.m., 8 views

CVE-2026-56378

A vulnerability in ImageMagick allows attackers to crash the application or expose system data if a maliciously crafted Picture CD (PCD) file is processed. Mitigation: Avoid processing untrusted PCD (Picture CD) image files with ImageMagick. Applications that utilize ImageMagick for image processing...

CVSS 8.2, AI score 5.9, EPSS 0.00223
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 7:3 a.m., 12 views

CVE-2026-12804

A flaw was found in lemonldap-ng. A remote attacker could exploit this vulnerability by manipulating the 'url' argument within the SAML Common Domain Cookie Endpoint. This manipulation results in an open redirect, potentially leading to users being redirected to arbitrary malicious websites...

CVSS 5.3, AI score 5.8, EPSS 0.00264
Exploits: 0, References: 7

RedhatCVE
added 2026/06/22 6:44 a.m., 6 views

CVE-2026-12805

A flaw was found in OFFIS DCMTK. A remote attacker could exploit this vulnerability by manipulating input to the XMLNode::parseFile function. This can lead to a heap-based buffer overflow, a type of memory corruption, which may result in information disclosure or denial of service. Mitigation: Use...

CVSS 7.5, AI score 6.1, EPSS 0.00279
Exploits: 0, References: 11

RedhatCVE
added 2026/06/22 5:11 a.m., 9 views

CVE-2026-1220

A race flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=473851441...

CVSS 7.5, AI score 6, EPSS 0.00297
Exploits: 1, References: 5

RedhatCVE
added 2026/06/22 4:50 a.m., 8 views

CVE-2026-12034

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Linux Toolkit Theming. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519258799...

CVSS 8.3, AI score 5.8, EPSS 0.0018
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:50 a.m., 10 views

CVE-2026-12033

The following flaw was identified in the Chromium browser: Out of bounds read VideoCapture. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519248779...

CVSS 6.5, AI score 5.8, EPSS 0.00189
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:50 a.m., 9 views

CVE-2026-12035

The following flaw was identified in the Chromium browser: Use after free Views. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520210566...

CVSS 8.8, AI score 5.8, EPSS 0.00187
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:45 a.m., 8 views

CVE-2026-12031

The following flaw was identified in the Chromium browser: Inappropriate implementation Views. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518045638...

CVSS 8.3, AI score 5.8, EPSS 0.00191
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:45 a.m., 9 views

CVE-2026-12032

The following flaw was identified in the Chromium browser: Inappropriate implementation Passwords. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518128953...

CVSS 6.1, AI score 5.8, EPSS 0.00155
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:41 a.m., 9 views

CVE-2026-12029

The following flaw was identified in the Chromium browser: Use after free Video. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518002958...

CVSS 8.3, AI score 5.8, EPSS 0.00191
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:41 a.m., 10 views

CVE-2026-12027

The following flaw was identified in the Chromium browser: Insufficient policy enforcement Headless. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517517155...

CVSS 9.6, AI score 5.8, EPSS 0.00224
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:41 a.m., 9 views

CVE-2026-12026

The following flaw was identified in the Chromium browser: Out of bounds read Video. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517347084...

CVSS 6.5, AI score 5.8, EPSS 0.00236
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:41 a.m., 8 views

CVE-2026-12030

The following flaw was identified in the Chromium browser: Heap buffer overflow GPU. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518007423...

CVSS 8.3, AI score 6.1, EPSS 0.00191
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:41 a.m., 9 views

CVE-2026-12028

The following flaw was identified in the Chromium browser: Use after free GPU. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517555461...

CVSS 8.3, AI score 5.8, EPSS 0.00229
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:36 a.m., 7 views

CVE-2026-12025

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Network. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517153191...

CVSS 5.8, AI score 5.8, EPSS 0.00227
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:36 a.m., 5 views

CVE-2026-12024

The following flaw was identified in the Chromium browser: Insufficient policy enforcement DevTools. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517086161...

CVSS 6.5, AI score 5.8, EPSS 0.00158
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:17 a.m., 7 views

CVE-2026-12022

The following flaw was identified in the Chromium browser: Race Safe Browsing. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516929496...

CVSS 8.3, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:17 a.m., 6 views

CVE-2026-12023

A flaw was found in Google Chrome's GPU component on Mac. This 'use after free' vulnerability allows a remote attacker, who has already compromised the browser's renderer process, to potentially escape the browser's security sandbox. This could lead to further compromise of the user's system when...

CVSS 8.3, AI score 5.8, EPSS 0.00229
Exploits: 0, References: 2

RedhatCVE
added 2026/06/22 4:13 a.m., 7 views

CVE-2026-12020

The following flaw was identified in the Chromium browser: Use after free Autofill. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516907083...

CVSS 8.8, AI score 5.8, EPSS 0.00224
Exploits: 0, References: 5

RedhatCVE
added 2026/06/22 4:13 a.m., 7 views

CVE-2026-12019

The following flaw was identified in the Chromium browser: Out of bounds write Codecs. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516872067...

CVSS 8.3, AI score 5.8, EPSS 0.00253
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 6:44 p.m., 8 views

CVE-2026-12726

A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...

CVSS 6.3, AI score 5.8, EPSS 0.00204
Exploits: 0, References: 3

RedhatCVE
added 2026/06/19 4:34 p.m., 7 views

CVE-2026-43915

A flaw was found in Coturn. A remote attacker can exploit a stored Cross-Site Scripting (XSS) vulnerability in the web-admin HTTPS interface by creating a TURN allocation with a crafted username. This allows the attacker to inject malicious HTML or JavaScript code. When an authenticated web-admin...

CVSS 5.4, AI score 5.9, EPSS 0.00141
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 4:28 p.m., 8 views

CVE-2026-56211

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC (Scalable Video Coding) layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

CVSS 7.1, AI score 6.7, EPSS 0.00399
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 4:28 p.m., 9 views

CVE-2026-56210

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

CVSS 7.1, AI score 5.8, EPSS 0.00245
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 4:28 p.m., 12 views

CVE-2026-56208

A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing (LAP) mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...

CVSS 7.6, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 4:28 p.m., 15 views

CVE-2026-56209

An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel value...

CVSS 7.1, AI score 6, EPSS 0.00272
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 3:46 p.m., 9 views

CVE-2026-41568

A flaw was found in the Moby container framework. A race condition during the docker cp mount setup allows a malicious container to create empty files or directories at arbitrary locations on the host filesystem. This vulnerability can lead to a denial of service by filling up disk space or...

CVSS 6.1, AI score 5.9, EPSS 0.00108
Exploits: 0, References: 4

RedhatCVE
added 2026/06/19 2:50 p.m., 7 views

CVE-2026-45696

A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application—causing a denial of service (DoS)—and potentially view sensitive information from the application's memory. Any...

CVSS 8.3, AI score 5.8, EPSS 0.00263
Exploits: 1, References: 5

RedhatCVE
added 2026/06/19 2:2 p.m., 8 views

CVE-2026-44663

A security flaw has been identified in OpenEXR, a widely used image format library, which may impact applications processing certain high-resolution image files. Mitigation: To mitigate this issue, avoid processing untrusted HTJ2K-compressed EXR files. Restricting the handling of such files to...

CVSS 7.1, AI score 5.7, EPSS 0.00199
Exploits: 1, References: 5

RedhatCVE
added 2026/06/19 10:14 a.m., 8 views

CVE-2026-12018

The following flaw was identified in the Chromium browser: Inappropriate implementation Mojo. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516808201...

CVSS 8.8, AI score 5.8, EPSS 0.0016
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 10:5 a.m., 9 views

CVE-2026-12017

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Extensions. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516797143...

CVSS 8, AI score 5.8, EPSS 0.00208
Exploits: 0, References: 5

RedhatCVE
added 2026/06/19 9:50 a.m., 9 views

CVE-2026-12016

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input DevTools. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516482138...

CVSS 8.3, AI score 5.8, EPSS 0.00229
Exploits: 0, References: 5

Total number of security vulnerabilities: 206304