Red Hat
650 tracked vulnerabilities.
CVE-2024-12582
HIGH
Service Interconnect 1 for RHEL 9 - Authentication Bypass and Denial of Service via Plaintext Password File
Dec 24, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-11614
HIGH
DPDK Vhost < unknown - Memory Corruption
Dec 18, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-12698
MEDIUM
Red Hat OpenShift Container Platform 4.18 - Uncontrolled Resource Consumption via Authenticated Streams
Dec 18, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9779
HIGH
Open Cluster Management - Privilege Escalation
Dec 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10973
MEDIUM
Keycloak Quarkus Server 25.0.0-25.99.9 - Cleartext Transmission of Sensitive Information via JGroups Replication
Dec 17, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-12401
MEDIUM
cert-manager < 1.12.14 - Denial of Service via PEM Data Processing
Dec 12, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-12397
HIGH
Quarkus-HTTP < 5.3.4 - HTTP Request Smuggling via Cookie Parsing
Dec 12, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-12369
MEDIUM
wildfly-elytron 1.17.0.Final-2.2.9.Final - Authorization Code Injection via OIDC-Client
Dec 09, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-8676
HIGH
CRI-O < 1.29.11 - Improper Authorization via Checkpoint Restore
Nov 26, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-52337
MEDIUM
Fast Datapath for Red Hat Enterprise Linux - Log Spoofing via Improper Input Sanitization
Nov 26, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-52336
HIGH
Fast Datapath for Red Hat Enterprise Linux - Privilege Escalation via Tuned D-Bus instance_create Function
Nov 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9666
MEDIUM
Keycloak - Denial of Service via Proxy Header Handling
Nov 25, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-10492
LOW
Keycloak < 26.0.6 - Authenticated Sensitive Information Disclosure via Vault File Access
Nov 25, 2024
CVSS 2.7
EPSS 0.00
CVE-2024-10451
MEDIUM
Keycloak < 24.0.9 and 26.0 < 26.0.6 - Use of Hard-coded Credentials via Build Process
Nov 25, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-10270
MEDIUM
Keycloak-services < 24.0.9 - Denial of Service via Regex Complexity in SearchQueryUtils
Nov 25, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-6538
MEDIUM
OpenShift Console - Authenticated Server-Side Request Forgery via /api/dev-console/proxy/internet Endpoint
Nov 25, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-11483
MEDIUM
Ansible Automation Platform - Privilege Escalation
Nov 25, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-52616
MEDIUM
Red Hat Enterprise Linux 9 - Predictable DNS Transaction ID in Avahi-daemon
Nov 21, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-52615
MEDIUM
Red Hat Enterprise Linux 10 - Use of Insufficiently Random Values in Avahi-daemon DNS Query Port Selection
Nov 21, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-0793
HIGH
kubernetes < 1.27.0-alpha.1 - Denial of Service via HPA Config YAML
Nov 17, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-11217
MEDIUM
Red Hat OpenShift Container Platform 4 - OAuth2 Client Secret Exposure via Debug Logging
Nov 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-3447
MEDIUM
QEMU - Heap-based Buffer Overflow in SDHCI Device Emulation
Nov 14, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-11079
MEDIUM
ansible-core >=2.18.0b1 <2.18.1rc1 - Arbitrary Code Execution via Hostvars Object
Nov 12, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-10963
HIGH
Red Hat Enterprise Linux 8 - Improper Authentication via pam_access Configuration Rule Misinterpretation
Nov 07, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-6861
HIGH
Red Hat Satellite 6.12 for RHEL 8 - Exposure of Sensitive Information via GraphQL API Introspection
Nov 06, 2024
CVSS 7.5
EPSS 0.00
Products
Red Hat Enterprise Linux 9 370
Red Hat Enterprise Linux 8 363
Red Hat Enterprise Linux 10 309
Red Hat Enterprise Linux 7 286
Red Hat Enterprise Linux 6 279
Red Hat OpenShift Container Platform 4 147
Red Hat Enterprise Linux 9.4 Extended Update Support 104
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 91
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 88
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 83
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 83
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 82
Red Hat Enterprise Linux 8.2 Advanced Update Support 81
Red Hat Enterprise Linux 7 Extended Lifecycle Support 65
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 64
Red Hat Hardened Images 62
Red Hat Enterprise Linux 9.2 Extended Update Support 60
Red Hat Build of Keycloak 59
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat Enterprise Linux 8.8 Extended Update Support 53
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 52
Red Hat JBoss Enterprise Application Platform Expansion Pack 50
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 49
Red Hat Single Sign-On 7 48
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 46
Red Hat build of Keycloak 26.4 41
Red Hat Enterprise Linux 8.4 Telecommunications Update Service 38
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions 38
Red Hat OpenShift Container Platform 4.14 37
Red Hat OpenShift Container Platform 4.16 37