Filtered by vendor Redhat
Subscriptions
Total
23134 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-1132 | 1 Redhat | 23 Amq Broker, Build Keycloak, Build Of Keycloak and 20 more | 2026-02-25 | 8.1 High |
| A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL. | ||||
| CVE-2024-0553 | 3 Fedoraproject, Gnu, Redhat | 6 Fedora, Gnutls, Enterprise Linux and 3 more | 2026-02-25 | 7.5 High |
| A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981. | ||||
| CVE-2023-6917 | 2 Redhat, Sgi | 2 Enterprise Linux, Performance Co-pilot | 2026-02-25 | 6 Medium |
| A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation. | ||||
| CVE-2023-50782 | 3 Couchbase, Cryptography.io, Redhat | 7 Couchbase Server, Cryptography, Ansible Automation Platform and 4 more | 2026-02-25 | 7.5 High |
| A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | ||||
| CVE-2024-45780 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-02-25 | 6.7 Medium |
| A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections. | ||||
| CVE-2024-45496 | 1 Redhat | 1 Openshift | 2026-02-25 | 9.9 Critical |
| A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An attacker with developer-level access can provide a crafted .gitconfig file containing commands executed during the cloning process, leading to arbitrary command execution on the worker node. An attacker running code in a privileged container could escalate their permissions on the node running the container. | ||||
| CVE-2024-2307 | 1 Redhat | 1 Enterprise Linux | 2026-02-25 | 6.1 Medium |
| A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built. | ||||
| CVE-2023-4886 | 2 Redhat, Theforeman | 5 Satellite, Satellite Capsule, Satellite Maintenance and 2 more | 2026-02-25 | 6.7 Medium |
| A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable. | ||||
| CVE-2023-4237 | 1 Redhat | 3 Ansible Automation Platform, Ansible Automation Platform Cloud Billing, Ansible Collection | 2026-02-25 | 7.3 High |
| A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability. | ||||
| CVE-2023-5157 | 3 Fedoraproject, Mariadb, Redhat | 17 Fedora, Mariadb, Enterprise Linux and 14 more | 2026-02-25 | 7.5 High |
| A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service. | ||||
| CVE-2024-12401 | 1 Redhat | 8 Cert Manager, Connectivity Link, Cryostat and 5 more | 2026-02-25 | 4.4 Medium |
| A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector for the cert-manager in the cluster. | ||||
| CVE-2024-13484 | 1 Redhat | 1 Openshift Gitops | 2026-02-25 | 8.2 High |
| A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied. | ||||
| CVE-2023-6725 | 1 Redhat | 2 Openstack, Openstack Platform | 2026-02-25 | 5.5 Medium |
| An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information. | ||||
| CVE-2023-6693 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Advanced Virtualization and 1 more | 2026-02-25 | 4.9 Medium |
| A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. | ||||
| CVE-2023-6683 | 2 Qemu, Redhat | 3 Qemu, Advanced Virtualization, Enterprise Linux | 2026-02-25 | 6.5 Medium |
| A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a malicious authenticated VNC client to crash QEMU and trigger a denial of service. | ||||
| CVE-2023-6134 | 1 Redhat | 9 Build Keycloak, Enterprise Linux, Keycloak and 6 more | 2026-02-25 | 4.6 Medium |
| A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748. | ||||
| CVE-2023-5981 | 3 Fedoraproject, Gnu, Redhat | 7 Fedora, Gnutls, Enterprise Linux and 4 more | 2026-02-25 | 5.9 Medium |
| A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | ||||
| CVE-2024-11218 | 1 Redhat | 7 Enterprise Linux, Openshift, Openshift Ironic and 4 more | 2026-02-25 | 8.6 High |
| A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. | ||||
| CVE-2023-46848 | 2 Redhat, Squid-cache | 6 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 3 more | 2026-02-25 | 8.6 High |
| Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | ||||
| CVE-2023-46847 | 2 Redhat, Squid-cache | 15 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 12 more | 2026-02-25 | 8.6 High |
| Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | ||||