Red Hat

919 tracked vulnerabilities.

CVE-2026-5673 MEDIUM
Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing
Apr 06, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-37977 LOW
Keycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim
Apr 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-3184 LOW
Util-linux: util-linux: access control bypass due to improper hostname canonicalization
Apr 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-2625 MEDIUM
Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification
Apr 03, 2026
CVSS 4.0
EPSS 0.00
CVE-2026-4636 HIGH
Keycloak UMA Policy - Unauthorized Resource Access
Apr 02, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-4634 HIGH
Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
Apr 02, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4325 MEDIUM
Keycloak: keycloak: replay of action tokens via improper handling of single-use entries
Apr 02, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-4282 HIGH
Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
Apr 02, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-3872 HIGH
Red Hat Keycloak 26.2 and 26.4 - redirect_uri Access Token Disclosure
Apr 02, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-35094 LOW
Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
Apr 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-35093 HIGH
Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins
Apr 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-35092 HIGH
Corosync: corosync: denial of service via integer overflow in join message validation
Apr 01, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-35091 HIGH
Corosync: corosync: denial of service and information disclosure via crafted udp packet
Apr 01, 2026
CVSS 8.2
EPSS 0.01
CVE-2026-5201 HIGH
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
Mar 31, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5165 MEDIUM
Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5164 MEDIUM
Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5121 HIGH
Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
Mar 30, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5119 MEDIUM
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Mar 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-28369 HIGH
Undertow: undertow: request smuggling via malformed http request headers
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-28368 HIGH
Undertow: undertow: request smuggling via inconsistent header parsing
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-28367 HIGH
Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-4948 MEDIUM
Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Mar 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-2272 MEDIUM
Gimp: gimp: memory corruption due to integer overflow in ico file handling
Mar 26, 2026
CVSS 4.3
EPSS 0.01
CVE-2026-2271 LOW
Gimp: gimp: denial of service via crafted psp image file
Mar 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-2239 LOW
Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow
Mar 26, 2026
CVSS 2.8
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 456 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45