Red Hat
650 tracked vulnerabilities.
CVE-2024-45496
CRITICAL
OpenShift Controller Manager - Privilege Escalation via Crafted .gitconfig File
Sep 17, 2024
CVSS 9.9
EPSS 0.00
CVE-2024-8775
MEDIUM
ansible-core >=2.17.0b1 <2.17.6 - Sensitive Information Exposure in Log Files via Vault Variable Handling
Sep 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-6840
MEDIUM
Ansible Automation Controller - Privilege Escalation
Sep 12, 2024
CVSS 6.6
EPSS 0.00
CVE-2024-7341
HIGH
Keycloak - Session Fixation via SAML Adapter
Sep 09, 2024
CVSS 7.1
EPSS 0.02
CVE-2024-8509
HIGH
Red Hat Migration Toolkit for Virtualization 2.6 - Improper Authorization via Bearer Token Validation Bypass
Sep 06, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-8445
MEDIUM
Red Hat Directory Server 11 and 12 - Authenticated Denial of Service via Malformed userPassword Input
Sep 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-4629
MEDIUM
Keycloak < 24.0.3 - Brute Force Protection Bypass via Timing Attack
Sep 03, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5148
HIGH
Gnome-Remote-Desktop - Privilege Escalation
Sep 02, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-6508
HIGH
OpenShift Console - Insufficient Entropy in OAuth2 State Parameter
Aug 21, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-7557
HIGH
Red Hat OpenShift AI - Authentication Bypass and Privilege Escalation via ServiceAccount Token Exposure
Aug 12, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5651
HIGH
Fence Agents Remediation 0.4 for RHEL 8 - Remote Code Execution via SSH/TELNET Path Arguments
Aug 12, 2024
CVSS 8.8
EPSS 0.29
CVE-2024-43168
MEDIUM
Red Hat Enterprise Linux 6-9 - Heap-based Buffer Overflow in Unbound cfg_mark_ports
Aug 12, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-43167
LOW
Red Hat Enterprise Linux 6-9 - Denial of Service via NULL Pointer Dereference in ub_ctx_set_fwd
Aug 12, 2024
CVSS 2.8
EPSS 0.00
CVE-2024-7143
HIGH
Pulp - Insecure Inherited Permissions via AutoAddObjPermsMixin
Aug 07, 2024
CVSS 8.3
EPSS 0.00
CVE-2024-7409
HIGH
Red Hat Enterprise Linux 8 - Denial of Service via QEMU NBD Server Socket Closure
Aug 05, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-7383
HIGH
Red Hat Enterprise Linux 8 - Improper Certificate Validation in libnbd
Aug 05, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-7128
MEDIUM
Red Hat OpenShift Container Platform 4.16-4.18 - Exposure of Sensitive Information via Unauthenticated Endpoints
Jul 26, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-6655
HIGH
Red Hat Enterprise Linux 8 - Code Injection via GTK Library Loading
Jul 16, 2024
CVSS 7.0
EPSS 0.00
CVE-2024-6501
LOW
Red Hat Enterprise Linux 9 - Denial of Service via Malformed LLDP Packet
Jul 09, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-3653
MEDIUM
Undertow 2.3.0.Alpha1-2.3.15.Final - Use-After-Free in Learning-Push Handler
Jul 08, 2024
CVSS 5.3
EPSS 0.04
CVE-2024-5971
HIGH
Undertow 2.3.0.Alpha1-2.3.14.Final - Denial of Service via Chunked Response Handling
Jul 08, 2024
CVSS 7.5
EPSS 0.04
CVE-2024-6409
HIGH
OpenSSH sshd SIGALRM Race - Remote Code Execution
Jul 08, 2024
CVSS 7.0
EPSS 0.76
CVE-2024-6126
LOW
Red Hat Enterprise Linux 9 - Authenticated Denial of Service via pam_env user_readenv Option
Jul 03, 2024
CVSS 3.2
EPSS 0.00
CVE-2024-4467
HIGH
Red Hat Advanced Virtualization for RHEL 8.2.1 - Out-of-bounds Write via QEMU Disk Image Utility
Jul 02, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-6387
HIGH
OpenSSH - DoS
Jul 01, 2024
CVSS 8.1
EPSS 0.63
Products (number of tracked vulnerabilities)
Red Hat Enterprise Linux 9: 370
Red Hat Enterprise Linux 8: 363
Red Hat Enterprise Linux 10: 309
Red Hat Enterprise Linux 7: 286
Red Hat Enterprise Linux 6: 279
Red Hat OpenShift Container Platform 4: 147
Red Hat Enterprise Linux 9.4 Extended Update Support: 104
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: 91
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions: 88
Red Hat Enterprise Linux 8.6 Telecommunications Update Service: 83
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions: 83
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: 82
Red Hat Enterprise Linux 8.2 Advanced Update Support: 81
Red Hat Enterprise Linux 7 Extended Lifecycle Support: 65
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: 64
Red Hat Hardened Images: 62
Red Hat Enterprise Linux 9.2 Extended Update Support: 60
Red Hat Build of Keycloak: 59
Red Hat JBoss Enterprise Application Platform 8: 58
Red Hat Enterprise Linux 8.8 Extended Update Support: 53
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions: 52
Red Hat JBoss Enterprise Application Platform Expansion Pack: 50
Red Hat Enterprise Linux 8.8 Telecommunications Update Service: 49
Red Hat Single Sign-On 7: 48
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: 46
Red Hat build of Keycloak 26.4: 41
Red Hat Enterprise Linux 8.4 Telecommunications Update Service: 38
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions: 38
Red Hat OpenShift Container Platform 4.14: 37
Red Hat OpenShift Container Platform 4.16: 37