Red Hat
650 tracked vulnerabilities.
CVE-2025-14082
LOW
Keycloak < 26.5.0 - Unauthenticated Sensitive Role Metadata Exposure via Admin REST API
Dec 10, 2025
CVSS 2.7
EPSS 0.00
CVE-2025-14104
MEDIUM
util-linux < 2.41.3 - Heap Buffer Overread in setpwnam()
Dec 05, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-66287
HIGH
WebKitGTK < 2.50.3 - Denial of Service via Memory Handling Issue
Dec 04, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14010
MEDIUM
community.general - Sensitive Credential Exposure via Verbose Debug Output
Dec 04, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-13947
HIGH
WebKitGTK < 2.50.3 - Information Disclosure via File Drag-and-Drop Origin Validation Error
Dec 03, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-12744
HIGH
Red Hat ABRT - Command Injection via Mount Information
Dec 03, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-57850
MEDIUM
CodeReady Workspaces - Privilege Escalation
Dec 02, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-13601
HIGH
Red Hat CodeReady Linux Builder - Heap-Based Buffer Overflow via g_escape_uri_string()
Nov 26, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-13467
MEDIUM
Keycloak LDAP Federation < 26.4.6 - Authenticated Deserialization of Untrusted Data via LDAP Server Configuration
Nov 25, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-13502
HIGH
WebKitGTK < 2.50.2 - Denial of Service via GLib Remote Inspector Server
Nov 25, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13609
HIGH
Keylime < 7.13.0 - Agent Identity Overwrite via Duplicate UUID Registration
Nov 24, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-61664
MEDIUM
GNU grub2 < 2.14 - Use-After-Free in normal_exit Command
Nov 18, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-61663
MEDIUM
GNU grub2 < 2.14 - Use-After-Free in Normal Command
Nov 18, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-61662
HIGH
GRUB2 < 2.14 - Use-After-Free in gettext Module
Nov 18, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-61661
MEDIUM
GNU grub2 < 2.14 - Denial of Service via USB Device String Conversion
Nov 18, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-54771
MEDIUM
GNU GRUB2 < 2.14 - Use-After-Free in File System Structure Handling
Nov 18, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-54770
MEDIUM
GNU grub2 < 2.14 - Denial of Service via Use-After-Free in Network Module
Nov 18, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-13193
MEDIUM
Red Hat Enterprise Linux - Information Disclosure via Insecure Snapshot Permissions
Nov 17, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-13033
HIGH
Nodemailer <=7.0.7 - Quoted Recipient Address Email Misdirection
Nov 14, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11538
MEDIUM
Keycloak < 26.4.4 - Remote Code Execution via Debug Mode JDWP Port Binding
Nov 13, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-59089
MEDIUM
kdcproxy < 1.1.0 - Denial of Service via Unbounded KDC Response Handling
Nov 12, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-59088
HIGH
kdcproxy - DNS SRV Realm Server-Side Request Forgery
Nov 12, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-2843
HIGH
Observability Operator < 1.3.0 - Privilege Escalation via MonitorStack ServiceAccount
Nov 12, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-12748
MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via XML File Processing
Nov 11, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-10230
CRITICAL
Samba Active Directory WINS Hook - Remote Command Execution
Nov 07, 2025
CVSS 10.0
EPSS 0.00
Products
Red Hat Enterprise Linux 9 370
Red Hat Enterprise Linux 8 363
Red Hat Enterprise Linux 10 309
Red Hat Enterprise Linux 7 286
Red Hat Enterprise Linux 6 279
Red Hat OpenShift Container Platform 4 147
Red Hat Enterprise Linux 9.4 Extended Update Support 104
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 91
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 88
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 83
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 83
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 82
Red Hat Enterprise Linux 8.2 Advanced Update Support 81
Red Hat Enterprise Linux 7 Extended Lifecycle Support 65
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 64
Red Hat Hardened Images 62
Red Hat Enterprise Linux 9.2 Extended Update Support 60
Red Hat Build of Keycloak 59
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat Enterprise Linux 8.8 Extended Update Support 53
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 52
Red Hat JBoss Enterprise Application Platform Expansion Pack 50
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 49
Red Hat Single Sign-On 7 48
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 46
Red Hat build of Keycloak 26.4 41
Red Hat Enterprise Linux 8.4 Telecommunications Update Service 38
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions 38
Red Hat OpenShift Container Platform 4.14 37
Red Hat OpenShift Container Platform 4.16 37