Red Hat

919 tracked vulnerabilities.

CVE-2025-11538 MEDIUM
Keycloak < 26.4.4 - Remote Code Execution via Debug Mode JDWP Port Binding
Nov 13, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-59089 MEDIUM
kdcproxy < 1.1.0 - Denial of Service via Unbounded KDC Response Handling
Nov 12, 2025
CVSS 5.9
EPSS 0.01
CVE-2025-59088 HIGH
kdcproxy - DNS SRV Realm Server-Side Request Forgery
Nov 12, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-2843 HIGH
Observability Operator < 1.3.0 - Privilege Escalation via MonitorStack ServiceAccount
Nov 12, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-12748 MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via XML File Processing
Nov 11, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-10230 CRITICAL
Samba Active Directory WINS Hook - Remote Command Execution
Nov 07, 2025
CVSS 10.0
EPSS 0.40
CVE-2025-12789 MEDIUM
Red Hat Single Sign-On - Open Redirect
Nov 07, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-12790 HIGH
Rubygem MQTT < 0.7.0 - Man-in-the-Middle via Missing Hostname Validation
Nov 06, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
Nov 05, 2025
CVSS 8.0
EPSS 0.01
CVE-2025-12464 MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via QEMU e1000 Loopback Buffer Overflow
Oct 31, 2025
CVSS 6.2
EPSS 0.00
CVE-2025-62230 HIGH
Xwayland < 24.1.9 - Use-After-Free in Xkb Extension Client Resource Cleanup
Oct 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-62229 HIGH
X.Org X server and Xwayland - Use After Free
Oct 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-62231 HIGH
X.Org Xwayland < 24.1.9 - Memory Corruption via XkbSetCompatMap Integer Overflow
Oct 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-12390 MEDIUM
Keycloak < 26.0.0 - Session Fixation via Incomplete Session Cleanup
Oct 28, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-12103 MEDIUM
Red Hat Openshift AI Service - Privilege Escalation
Oct 28, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-10939 LOW
Keycloak < 26.4.4 - Unauthenticated Admin Path Access via Proxy Path Normalization Bypass
Oct 28, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-57848 MEDIUM
Container-native Virtualization - Privilege Escalation
Oct 23, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-12110 MEDIUM
Keycloak < 26.4.3 - Insufficient Session Expiration via Offline Access Scope Removal
Oct 23, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-11429 MEDIUM
Keycloak < 26.4.1 - Insufficient Session Expiration via Remember Me Setting
Oct 23, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-12105 HIGH
libsoup < 3.6.5 - Use-After-Free in Asynchronous Message Queue Handling
Oct 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58712 MEDIUM
Apache ActiveMQ Artemis - Container Privilege Escalation via Group-Writable /etc/passwd
Oct 22, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-11568 MEDIUM
Latchset luksmeta - Data Corruption via Metadata Overflow in LUKS1 Format
Oct 15, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-9640 MEDIUM
Samba - Info Disclosure
Oct 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-11731 LOW
Red Hat Enterprise Linux 10 - Denial of Service via libxslt exsltFuncResultComp Type Confusion
Oct 14, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-11561 HIGH
Red Hat Enterprise Linux - Privilege Escalation via SSSD Active Directory Integration
Oct 09, 2025
CVSS 8.8
EPSS 0.01
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 456 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45