Red Hat
650 tracked vulnerabilities.
CVE-2024-9902
MEDIUM
ansible-core < 2.14.18rc1 - Unauthenticated Arbitrary File Write via User Module
Nov 06, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-10573
MEDIUM
Red Hat Enterprise Linux 7, 8, 9 - Out-of-bounds Write in mpg123 PCM Decoding
Oct 31, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-8553
MEDIUM
Red Hat Satellite 6.13-6.16 - Authenticated Sensitive Information Exposure via Foreman Loader Macros
Oct 31, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-9632
HIGH
Red Hat Enterprise Linux - Heap-based Buffer Overflow in X.org Server via _XkbSetCompatMap
Oct 30, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-10295
HIGH
Red Hat 3scale API Management Platform 2 - Unauthenticated Authentication Bypass via Malformed Basic Auth Header
Oct 24, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-9050
HIGH
Red Hat Enterprise Linux NetworkManager-libreswan - Local Privilege Escalation via VPN Configuration Injection
Oct 22, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9676
MEDIUM
Red Hat OpenShift Container Platform - Denial of Service via Symlink Traversal in containers/storage
Oct 15, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-9979
MEDIUM
PyO3 0.22.0-0.22.3 - Use-After-Free via Weak Python Reference Borrowing
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-3656
HIGH
NUCLEI
Keycloak < 24.0.5 - Authenticated Privilege Escalation via Admin REST API Endpoints
Oct 09, 2024
CVSS 8.1
EPSS 0.90
CVE-2024-9675
HIGH
Buildah - Path Traversal via Cache Mount
Oct 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9671
MEDIUM
Red Hat 3scale API Management Platform 2 - Unauthenticated Information Disclosure via Invoice URL
Oct 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9622
MEDIUM
resteasy-netty4-cdi - Denial of Service via HTTP Request Smuggling
Oct 08, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9621
MEDIUM
Quarkus CXF - Sensitive Information Disclosure in Log Files
Oct 08, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9620
MEDIUM
Ansible Automation Platform - Info Disclosure
Oct 08, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9407
MEDIUM
buildah < 1.37.4 and podman < 5.2.4 - Arbitrary Host File Access via Dockerfile RUN --mount Bind-Propagation Option
Oct 01, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-9355
MEDIUM
Golang FIPS OpenSSL - Buffer Overflow
Oct 01, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9341
MEDIUM
containers/common < 0.60.4 - Symbolic Link Following via FIPS Mode File Path Handling
Oct 01, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-8612
LOW
Red Hat Enterprise Linux - Information Disclosure in virtio-scsi, virtio-blk, and virtio-crypto Devices
Sep 20, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-8883
MEDIUM
NUCLEI
Red Hat Build of Keycloak - Open Redirect via Misconfigured Valid Redirect URI
Sep 19, 2024
CVSS 6.1
EPSS 0.07
CVE-2024-8698
HIGH
NUCLEI
Keycloak SAML Core < 22.0.13 - Improper Verification of Cryptographic Signature in XMLSignatureUtil
Sep 19, 2024
CVSS 7.7
EPSS 0.82
CVE-2024-45770
MEDIUM
Performance Co-Pilot - Privilege Escalation
Sep 19, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-45769
MEDIUM
Performance Co-Pilot - Code Injection
Sep 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-8939
MEDIUM
vllm - Denial of Service via Improper Handling of best_of Parameter
Sep 17, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-8768
HIGH
vllm < 0.5.5 - Denial of Service via Empty Prompt
Sep 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-7387
CRITICAL
OpenShift Builder - Command Injection via Path Traversal in BuildConfig Secret DestinationDir
Sep 17, 2024
CVSS 9.1
EPSS 0.01
Products
Red Hat Enterprise Linux 9 (370)
Red Hat Enterprise Linux 8 (363)
Red Hat Enterprise Linux 10 (309)
Red Hat Enterprise Linux 7 (286)
Red Hat Enterprise Linux 6 (279)
Red Hat OpenShift Container Platform 4 (147)
Red Hat Enterprise Linux 9.4 Extended Update Support (104)
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support (91)
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions (88)
Red Hat Enterprise Linux 8.6 Telecommunications Update Service (83)
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions (83)
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support (82)
Red Hat Enterprise Linux 8.2 Advanced Update Support (81)
Red Hat Enterprise Linux 7 Extended Lifecycle Support (65)
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions (64)
Red Hat Hardened Images (62)
Red Hat Enterprise Linux 9.2 Extended Update Support (60)
Red Hat Build of Keycloak (59)
Red Hat JBoss Enterprise Application Platform 8 (58)
Red Hat Enterprise Linux 8.8 Extended Update Support (53)
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions (52)
Red Hat JBoss Enterprise Application Platform Expansion Pack (50)
Red Hat Enterprise Linux 8.8 Telecommunications Update Service (49)
Red Hat Single Sign-On 7 (48)
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On (46)
Red Hat build of Keycloak 26.4 (41)
Red Hat Enterprise Linux 8.4 Telecommunications Update Service (38)
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions (38)
Red Hat OpenShift Container Platform 4.14 (37)
Red Hat OpenShift Container Platform 4.16 (37)