Red Hat
650 tracked vulnerabilities.
CVE-2025-10911
MEDIUM
Red Hat Enterprise Linux 10 - Use-After-Free in libxslt XSL Node Parser
Sep 25, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-10894
CRITICAL
Nx Build System and Plugins - Malicious Code Injection via npm
Sep 24, 2025
CVSS 9.6
EPSS 0.00
CVE-2025-9900
HIGH
Libtiff - Write-What-Where Condition via Crafted TIFF Image Height Metadata
Sep 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-5962
HIGH
Red Hat Enterprise Linux 10 - Unauthenticated Improper Access Control in Lightspeed History Service
Sep 22, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-4953
HIGH
Podman - Insecure Temporary File Creation via RUN --mount=type=bind
Sep 16, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-8277
LOW
Red Hat Enterprise Linux 6-10 and OpenShift Container Platform 4 - Denial of Service via libssh KEX Memory Leak
Sep 09, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-9566
HIGH
Red Hat Enterprise Linux 10 - Path Traversal via Podman Kube Play Command
Sep 05, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-10044
MEDIUM
Keycloak < 26.2.9 - Phishing via Unsanitized Error Description Parameter
Sep 05, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-9901
MEDIUM
Red Hat Enterprise Linux 6-10 - Sensitive Information Exposure via SoupCache Vary Header Mismanagement
Sep 03, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-7039
LOW
Red Hat Enterprise Linux - Path Traversal via Integer Overflow in Temporary File Creation
Sep 03, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-9784
HIGH
Red Hat build of Apache Camel for Spring Boot - Denial of Service via MadeYouReset Attack
Sep 02, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-8067
HIGH
Udisks daemon - Privilege Escalation
Aug 28, 2025
CVSS 8.5
EPSS 0.00
CVE-2025-9162
MEDIUM
KeycloakRealmImport - Code Injection
Aug 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-8415
MEDIUM
Cryostat < 4.0.2 - Unauthenticated Authentication Bypass via HTTP API
Aug 20, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-4877
MEDIUM
Red Hat Enterprise Linux 10 - Out-of-bounds Write in libssh ssh_get_fingerprint_hash()
Aug 20, 2025
CVSS 4.5
EPSS 0.00
CVE-2025-4437
MEDIUM
cri-o - Denial of Service via Large /etc/passwd File Processing
Aug 20, 2025
CVSS 5.7
EPSS 0.00
CVE-2025-7777
MEDIUM
mirror registry for Red Hat OpenShift - Open Redirect via Host Header
Aug 20, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-5417
MEDIUM
Red Hat Developer Hub rhdh/rhdh-hub-rhel9 - Info Disclosure
Aug 19, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-8941
HIGH
Red Hat Enterprise Linux 7 Extended Lifecycle Support - Privilege Escalation via pam_namespace Symlink Attack
Aug 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-7195
MEDIUM
Operator-SDK < 0.15.2 - Incorrect Default Permissions via user_setup Script
Aug 07, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-8556
LOW
CIRCL < 1.6.1 - Session Security Compromise via FourQ Elliptic Curve Point Injection
Aug 06, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-5988
MEDIUM
Red Hat Ansible Automation Platform 2.5 for RHEL 8/9 - Cross-Site Request Forgery in aap-gateway
Aug 04, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-7738
MEDIUM
Ansible django-ansible-base < 2025.7.22 - Cleartext Storage of Sensitive Information in Gateway API
Jul 31, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-8283
LOW
netavark - Info Disclosure
Jul 28, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-8114
MEDIUM
libssh < 0.11.2 - Denial of Service via NULL Pointer Dereference in Session ID Calculation
Jul 24, 2025
CVSS 4.7
EPSS 0.00
Products
Red Hat Enterprise Linux 9 370
Red Hat Enterprise Linux 8 363
Red Hat Enterprise Linux 10 309
Red Hat Enterprise Linux 7 286
Red Hat Enterprise Linux 6 279
Red Hat OpenShift Container Platform 4 147
Red Hat Enterprise Linux 9.4 Extended Update Support 104
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 91
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 88
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 83
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 83
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 82
Red Hat Enterprise Linux 8.2 Advanced Update Support 81
Red Hat Enterprise Linux 7 Extended Lifecycle Support 65
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 64
Red Hat Hardened Images 62
Red Hat Enterprise Linux 9.2 Extended Update Support 60
Red Hat Build of Keycloak 59
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat Enterprise Linux 8.8 Extended Update Support 53
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 52
Red Hat JBoss Enterprise Application Platform Expansion Pack 50
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 49
Red Hat Single Sign-On 7 48
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 46
Red Hat build of Keycloak 26.4 41
Red Hat Enterprise Linux 8.4 Telecommunications Update Service 38
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions 38
Red Hat OpenShift Container Platform 4.14 37
Red Hat OpenShift Container Platform 4.16 37