Red Hat

924 tracked vulnerabilities.

CVE-2025-26465 MEDIUM
OpenSSH 6.9-9.7 - Machine-in-the-Middle Attack via VerifyHostKeyDNS Error Handling
Feb 18, 2025
CVSS 6.8
EPSS 0.07
CVE-2025-1391 MEDIUM
Keycloak Services 26.1.0-26.1.2 - Improper Access Control via Organization Domain Pattern Matching
Feb 17, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-1247 HIGH
Quarkus REST 3.16.0.CR1-3.18.2 - Exposure of Data Element to Wrong Session via Field Injection
Feb 13, 2025
CVSS 8.3
EPSS 0.01
CVE-2025-1244 HIGH
Emacs - Unauthenticated Remote Code Execution via HTTP URL Redirect
Feb 12, 2025
CVSS 8.8
EPSS 0.03
CVE-2025-23367 MEDIUM
Red Hat JBoss Enterprise Application Platform 7.4 - Improper Access Control in Suspend and Resume Handlers
Jan 30, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-0754 MEDIUM
OpenShift Service Mesh 2.6.3-2.5.6 - Log Injection
Jan 28, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-0750 MEDIUM
CRI-O - Path Traversal in Log Management Functions
Jan 28, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-0736 MEDIUM
Infinispan - Sensitive Information Exposure in JGroups JDBC_PING Logging
Jan 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-0650 HIGH
Open Virtual Network - Crafted UDP Packet Egress ACL Bypass
Jan 23, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-0604 MEDIUM
Keycloak LDAP Federation >=26.1.0 <26.1.3 - Authentication Bypass via Password Reset
Jan 22, 2025
CVSS 5.4
EPSS 0.01
CVE-2025-23366 MEDIUM
HAL Management Console < 3.7.7 - Authenticated Stored Cross-Site Scripting
Jan 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-0306 HIGH
Red Hat Enterprise Linux - Covert Timing Channel via Marvin Attack
Jan 09, 2025
CVSS 7.4
EPSS 0.01
CVE-2024-4027 HIGH
undertow-core < 2.3.21.Final - Unauthenticated Denial of Service via Large Parameter Names
Jan 30, 2026
CVSS 7.5
EPSS 0.01
CVE-2024-3884 HIGH
Undertow < 2.3.21.Final - Denial of Service via Form Data Parsing
Dec 03, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-12125 HIGH
3scale Developer Portal - Info Disclosure
Nov 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-10306 MEDIUM
mod_proxy_cluster - Info Disclosure
Apr 23, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-6875 MEDIUM
Red Hat Data Grid - Buffer Overflow
Mar 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-7631 MEDIUM
OpenShift Console - Authenticated Path Traversal via Locales Endpoint Parameters
Mar 19, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-8176 HIGH
Red Hat Enterprise Linux 10 - Denial of Service via Recursive Entity Expansion in libexpat
Mar 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2024-45782 HIGH
GRUB2 - Heap-Based Out-of-Bounds Write in HFS Filesystem Volume Name Handling
Mar 03, 2025
CVSS 7.8
EPSS 0.00
CVE-2024-45778 MEDIUM
GRUB2 < 2.12 - Denial of Service via BFS Filesystem Parsing
Mar 03, 2025
CVSS 4.1
EPSS 0.00
CVE-2024-45780 MEDIUM
GRUB2 < 2.12 - Heap Out-of-Bounds Write via Crafted Tar File
Mar 03, 2025
CVSS 6.7
EPSS 0.00
CVE-2024-45779 MEDIUM
GRUB2 < 2.12 - Integer Overflow in BFS File System Driver
Mar 03, 2025
CVSS 6.0
EPSS 0.00
CVE-2024-45777 MEDIUM
GRUB2 < 2.12 - Out-of-bounds Write in Language File Translation Buffer
Feb 19, 2025
CVSS 6.7
EPSS 0.00
CVE-2024-45783 MEDIUM
Red Hat Enterprise Linux 9 - Use-After-Free in HFS+ Filesystem Driver
Feb 18, 2025
CVSS 4.4
EPSS 0.00
Products
Red Hat Enterprise Linux 9 543 Red Hat Enterprise Linux 8 541 Red Hat Enterprise Linux 10 461 Red Hat Enterprise Linux 7 452 Red Hat Enterprise Linux 6 412 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45