Lucene search
K
RedhatcveRecent

206393 matches found

RedhatCVE
RedhatCVE
•added 2 days ago•3 views

CVE-2026-14940

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS5.8AI score0.00307EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-41516

A flaw was found in OP-TEE Trusted Execution Environment. The RSA PKCS1 v1.5 decryption implementation within the Hisilicon HPRE crypto driver uses a non-constant-time comparison function for label hash verification, leading to multiple distinguishable error paths. This creates a...

3.3CVSS5.9AI score0.00099EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-55798

A flaw was found in Pillow, a Python imaging library. The WindowsViewer.getcommand function constructed a command-line interface CLI shell command by directly embedding a file path without proper escaping. This allowed shell metacharacters within the file path to inject arbitrary commands into...

4.5CVSS6.1AI score0.00136EPSS
Exploits1References8
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-41515

A flaw was found in OP-TEE, a Trusted Execution Environment TEE for Arm Cortex-A cores. The RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses non-constant-time memory comparison for label hash verification, leading to multiple distinguishable error paths. This vulnerability...

3.3CVSS5.9AI score0.00094EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-42546

A flaw was found in OP-TEE, a Trusted Execution Environment TEE for Arm Cortex-A cores. A resource leak exists in the shared memory cleanup logic where the system fails to properly release memory objects when processing non-contiguous memory parameters from a normal-world caller. Over time, these...

3.8CVSS6AI score0.00105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-41434

A flaw was found in OP-TEE Open Portable Trusted Execution Environment, a secure environment for Arm Cortex-A cores. This vulnerability allows a local attacker with low privileges to trigger an unbounded recursion within the PKCS11 Trusted Application TA. Successful exploitation could lead to a...

3.3CVSS5.9AI score0.00105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-44362

A flaw was found in OP-TEE, a Trusted Execution Environment TEE for Arm Cortex-A cores. This vulnerability allows a local attacker to bypass subkey rollback protection due to a failure in propagating versioning data during the Trusted Application TA loading process. Specifically, the system...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•3 views

CVE-2026-53763

A flaw was found in OP-TEE Trusted Execution Environment. This vulnerability involves 32-bit integer overflows within the AES-GCM cryptographic implementation. When processing large amounts of data over 512 megabytes, the system may incorrectly compute the authentication tag. This could allow a...

3.8CVSS5.9AI score0.00149EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-41514

A flaw was found in OP-TEE, a Trusted Execution Environment TEE designed for Arm Cortex-A cores. The RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time comparison function, creating a vulnerability known as a padding oracle. This allows a local attacke...

3.3CVSS5.9AI score0.00095EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-40257

A flaw was found in OP-TEE Trusted Execution Environment. An off-by-one error in the ARM Crypto Extensions accelerated SHA-3 implementation can lead to a massive heap overflow. This vulnerability allows for the corruption of all TEE kernel memory, potentially impacting the integrity and...

5.5CVSS6.1AI score0.00109EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2 days ago•2 views

CVE-2026-54059

A flaw was found in Pillow, a Python imaging library. A remote attacker could exploit this vulnerability by providing specially crafted PCF font data. This data, when processed, can lead to excessive memory allocation because the library does not properly check for decompression bombs. The primar...

7.5CVSS6AI score0.00354EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54060

A flaw was found in Pillow, a Python imaging library. When processing a specially crafted font file, the library's font compilation function does not adequately check for excessive memory allocation. This oversight allows a remote attacker to trigger an unreasonable consumption of system memory,...

7.5CVSS5.9AI score0.00361EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54502

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fillindent in dump.h calls memsetindentstr, ' ', sizetopts-indent without...

6.3CVSS6.2AI score0.00257EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54500

A flaw was found in Oj Optimized JSON, a Ruby gem. When parsing a specially crafted JSON object with a key 254 bytes or longer using Oj.load in :object mode, an attacker can trigger a read of uninitialized stack memory. This vulnerability, an out-of-bounds read CWE-125, can lead to information...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54901

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj::Parser in usual mode does not mark arrayclass and hashclass references during garbage collection, leading to Use-After-Free. If GC runs after the class is assigned but before a parse,...

6.3CVSS5.9AI score0.00253EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54898

A flaw was found in Oj, a Ruby library designed for efficient JSON JavaScript Object Notation parsing. This vulnerability, a heap use-after-free, occurs when a specific function, called a callback, modifies the input JSON string during the parsing process. This action can lead to the program...

6.5CVSS5.9AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54902

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys ≥ 35 bytes from garbage collection, and a Ruby callback that triggers GC inside hashend ca...

6.3CVSS5.9AI score0.00253EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54900

A flaw was found in Oj, a Ruby gem for JSON parsing. When processing a specially crafted JSON object key of a specific length 65,535 bytes in usual mode with createid enabled, an integer truncation vulnerability occurs. This leads to a negative size being passed to the memcpy function, causing he...

7.5CVSS5.9AI score0.00253EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-54592

A flaw was found in Oj, a Ruby gem for JSON parsing. A remote attacker can exploit this vulnerability by providing a deeply nested JSON document. This can lead to a stack buffer overflow in the Oj::Doceachchild function, causing the process to abort and resulting in a denial of service DoS for th...

7.5CVSS6.1AI score0.00263EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•3 views

CVE-2026-54903

A flaw was found in Oj, an Optimized JSON JavaScript Object Notation parser for Ruby. This vulnerability allows a remote attacker to cause heap corruption and a denial of service DoS by providing a JSON string larger than 2 gigabytes GB. An integer overflow occurs when processing the string lengt...

7.5CVSS6AI score0.00253EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•6 views

CVE-2026-54897

A flaw was found in Oj Optimized JSON, a Ruby gem for parsing JSON. This vulnerability, categorized as a heap use-after-free CWE-416, occurs in the Oj::Doc iterators, specifically eachvalue, eachchild, and eachleaf. An attacker could exploit this when a Ruby code block, executed during iteration,...

7.8CVSS6AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•5 views

CVE-2026-54896

A flaw was found in Oj Optimized JSON, a Ruby gem used for processing JSON data. This vulnerability occurs when the software attempts to serialize convert into a format for storage or transmission Exception objects with a very large indentation setting. The internal process for handling this...

7.8CVSS6.3AI score0.00119EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-55380

A flaw was found in Pillow, a Python imaging library. A remote attacker could exploit this vulnerability by providing a specially crafted GD 2.x image file. The GdImageFile.open function reads image dimensions without proper validation, leading to excessive memory allocation. This can result in a...

7.5CVSS5.9AI score0.00361EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2 days ago•5 views

CVE-2026-54899

A flaw was found in Oj Optimized JSON, a Ruby gem for parsing JSON. When a Oj::Parser instance is reused and its symbolkeys setting is toggled from true to false, a heap use-after-free vulnerability occurs. This happens because the internal key cache is freed but its pointer is not cleared,...

6.5CVSS6.1AI score0.00428EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2 days ago•5 views

CVE-2026-11610

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-14476

A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...

8CVSS5.9AI score0.00501EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2 days ago•5 views

CVE-2026-55379

A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing a specially crafted BDF font file. The library's image processing function fails to properly validate dimensions from the font file, bypassing a critical...

7.5CVSS6AI score0.00364EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-14684

A flaw was found in HdrHistogram. A local attacker can exploit a vulnerability in the decodeFromByteBuffer function by manipulating the numberOfSignificantValueDigits argument. This manipulation leads to uncontrolled memory allocation, which can result in a Denial of Service DoS condition, making...

5CVSS5.6AI score0.0012EPSS
Exploits0References9
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-8924

A flaw was found in curl's cookie parsing logic. A malicious HTTP server can exploit this by setting 'super cookies' that bypass the Public Suffix List check. This allows an attacker-controlled origin to inject cookies that curl then transmits to unrelated third-party domains, leading to...

9.1CVSS5.9AI score0.00509EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2 days ago•4 views

CVE-2026-14604

A flaw was found in Open Asset Import Library Assimp. This vulnerability, a double free, exists within the PLY Model Handler component. A remote attacker could exploit this flaw by manipulating PLY model files, leading to a denial of service and making the application unavailable. Mitigation To...

6.5CVSS6AI score0.00233EPSS
Exploits0References9
RedhatCVE
RedhatCVE
•added 3 days ago•6 views

CVE-2026-11352

A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service DoS against a curl or libcurl client, as the helper function discards zero-length UDP...

7.5CVSS6.1AI score0.00756EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-11586

A flaw was found in curl. A malicious server can exploit this vulnerability by sending rapid, sequential WebSocket PING messages. Due to a lack of an upper bound on memory allocation for unacknowledged frames, curl can be forced to exhaust all available memory, leading to a denial of service...

7.5CVSS5.8AI score0.00623EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-12064

A flaw was found in curl. When a user invokes curl with a schemeless URL and specifies SFTP SSH File Transfer Protocol or SCP Secure Copy Protocol as the default protocol, the tool layer fails to initialize critical SSH security options. This bypasses host verification, allowing curl to connect t...

7.5CVSS5.9AI score0.0045EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•6 views

CVE-2026-14570

A flaw was found in Crypt::DSA. Versions before 1.22 for Perl use a biased random number generator when creating the Digital Signature Algorithm DSA signing nonce and private key. This bias allows a remote attacker to recover the private key through a lattice attack if they collect a sufficient...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-8286

A flaw was found in curl. When a new data transfer attempts to upgrade its connection using STARTTLS, it may incorrectly reuse an existing live connection. This reuse can occur even if the Transport Layer Security TLS configuration of the new transfer does not match the existing connection,...

8.1CVSS5.8AI score0.00413EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•5 views

CVE-2026-8925

A flaw was found in curl. The logic handling SASL Simple Authentication and Security Layer authentication could lead to a double-free vulnerability. This occurs because the GSASL context may be deallocated twice without clearing the pointer, potentially leading to memory corruption. An attacker...

9.8CVSS6AI score0.00783EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-8927

A flaw was found in libcurl. When reusing a libcurl handle for sequential transfers with environment-variable proxy configuration, the library does not properly clear the proxy authentication state. This oversight can lead to the unintended disclosure of Proxy-Authorization headers to an incorrec...

9.1CVSS5.8AI score0.00589EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-8926

A flaw was found in curl. When curl is configured to use a .netrc file for credentials and a URL is provided with a username but no password, curl may incorrectly retrieve and use the password for a different user from the .netrc file for the same host. This could lead to unauthorized information...

9.1CVSS5.8AI score0.00479EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•6 views

CVE-2026-9079

A flaw was found in curl. When libcurl is instructed to clear proxy authentication credentials, it fails to do so, leaving the old credentials available. This could lead to the unintended reuse of sensitive proxy authentication credentials for subsequent network transfers, potentially resulting i...

9.8CVSS5.8AI score0.00771EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•5 views

CVE-2026-8932

A flaw was found in curl. The libcurl library, used for transferring data with URLs, could improperly reuse existing network connections. This occurred even when changes to mutual Transport Layer Security mTLS settings, particularly those for client certificates, should have prevented such reuse...

7.5CVSS6AI score0.00288EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•6 views

CVE-2026-13769

A flaw was found in AWS CLI. Overly permissive file permissions on Unix-like systems, where the umask has not been configured to restrict file permissions, may allow other local users on the same host to read credentials. This occurs when certain AWS CLI subcommands, such as aws codeartifact logi...

6.8CVSS5.9AI score0.00101EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-9080

A flaw was found in libcurl. When curleasypause is called within the event-based CURLMOPTSOCKETFUNCTION callback, a use-after-free vulnerability is triggered. This occurs because libcurl attempts to store a flag using a pointer to memory that has already been freed. An attacker could potentially...

7.3CVSS6AI score0.00407EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-9545

A flaw was found in libcurl. An attacker can exploit this by replacing a legitimate HTTP/3 server with an impostor machine. When libcurl attempts a second transfer to the same site with a cached SSL session and early data enabled, it may send sensitive request data before verifying the server's...

7.5CVSS5.6AI score0.0032EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•4 views

CVE-2026-9546

A flaw was found in libcurl. This vulnerability causes the HTTP Referer header to persist even after it has been explicitly cleared. This can lead to the previous referrer string being unintentionally reused and sent in subsequent requests, potentially disclosing sensitive information to unintend...

7.5CVSS5.7AI score0.00511EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 3 days ago•5 views

CVE-2026-14761

A flaw was found in radare2. This vulnerability, an integer overflow, exists within the rstrndup and rstrappend functions. A local attacker could exploit this flaw by manipulating these string handling operations, potentially leading to a denial of service DoS condition...

5.5CVSS5.9AI score0.00131EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 3 days ago•7 views

CVE-2026-14786

A flaw was found in radareorg radare2. A local attacker could exploit an integer overflow vulnerability in the rstrwordget0set function. This flaw could lead to a denial of service DoS, making the affected system or application unavailable to legitimate users...

5.5CVSS5.9AI score0.00129EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 3 days ago•6 views

CVE-2026-14758

A flaw was found in radareorg radare2. A local attacker can exploit an integer overflow vulnerability within the hexpairs parser, specifically in the cmdanalopcode function. This manipulation can lead to an integer overflow, potentially causing a denial of service DoS condition...

5.5CVSS5.9AI score0.00131EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 3 days ago•5 views

CVE-2026-14787

A flaw was found in radareorg radare2. A local user can exploit an integer overflow vulnerability by manipulating the cmdprint function in the libr/core/cmdprint.inc library. This manipulation causes an integer overflow, leading to a denial of service DoS...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 3 days ago•3 views

CVE-2026-14789

A flaw was found in radare2. A local attacker can exploit a stack-based buffer overflow vulnerability in the Memory64ListStream Parser component by manipulating its functionality. This manipulation can lead to a denial of service DoS due to memory corruption...

4.8CVSS6.2AI score0.00126EPSS
Exploits0References2
Total number of security vulnerabilities206393