Red Hat

919 tracked vulnerabilities.

CVE-2025-7195 MEDIUM
Operator-SDK < 0.15.2 - Incorrect Default Permissions via user_setup Script
Aug 07, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-8556 LOW
CIRCL < 1.6.1 - Session Security Compromise via FourQ Elliptic Curve Point Injection
Aug 06, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-5988 MEDIUM
Red Hat Ansible Automation Platform 2.5 for RHEL 8/9 - Cross-Site Request Forgery in aap-gateway
Aug 04, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-7738 MEDIUM
Ansible django-ansible-base < 2025.7.22 - Cleartext Storage of Sensitive Information in Gateway API
Jul 31, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-8283 LOW
netavark - Info Disclosure
Jul 28, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-4056 HIGH
GLib < 2.84.1 - Denial of Service via Long Command Line Spawning
Jul 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-5449 MEDIUM
libssh - Denial of Service via Integer Overflow in SFTP Server Message Decoding
Jul 25, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-8114 MEDIUM
libssh < 0.11.2 - Denial of Service via NULL Pointer Dereference in Session ID Calculation
Jul 24, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-6018 HIGH
pam-config - Local Privilege Escalation via Polkit Bypass
Jul 23, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-4878 LOW
Red Hat Enterprise Linux 10 - Use-After-Free in privatekey_from_file()
Jul 22, 2025
CVSS 3.6
EPSS 0.00
CVE-2025-7784 MEDIUM
Red Hat build of Keycloak - Privilege Escalation via Fine-Grained Admin Permissions
Jul 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-7519 MEDIUM
polkit - Buffer Overflow
Jul 14, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-6395 MEDIUM
GnuTLS - Memory Corruption
Jul 10, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-7365 HIGH
Keycloak - Authenticated Account Takeover via Identity Provider Login Email Verification
Jul 10, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-7425 HIGH
libxml2 < 2.15.2 - Use-After-Free in XSLT Key Function Tree Fragment Handling
Jul 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-7424 HIGH
libxslt - Type Confusion via psvi Memory Field Reuse
Jul 10, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-32990 MEDIUM
GnuTLS - Heap-based Buffer Overflow in Certtool Template Parsing
Jul 10, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-32989 MEDIUM
GnuTLS - Heap-Buffer-Overread in Certificate Transparency SCT Extension Parsing
Jul 10, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-32988 MEDIUM
GnuTLS < 3.8.10 - Double Free in Subject Alternative Name Export Logic
Jul 10, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-7345 HIGH
Red Hat Enterprise Linux - Heap Buffer Overflow in gdk-pixbuf JPEG Image Processing
Jul 08, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-5987 HIGH
libssh 0.10.0-0.11.1 - Undefined Behavior via ChaCha20 Cipher Context Initialization
Jul 07, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-5351 MEDIUM
libssh 0.10.0-0.11.2 - Double Free in Key Export Functionality
Jul 04, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-5372 MEDIUM
Libssh <3.0 - Uninitialized Key Buffer
Jul 04, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-49521 HIGH
Ansible Automation Platform - Command Injection
Jun 30, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-49520 HIGH
Red Hat Ansible Automation Platform 2.5 for RHEL 8/9 - Authenticated Command Injection via Git URL Argument Injection
Jun 30, 2025
CVSS 8.8
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 456 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45