Red Hat

924 tracked vulnerabilities.

CVE-2024-12698 MEDIUM
Red Hat OpenShift Container Platform 4.18 - Uncontrolled Resource Consumption via Authenticated Streams
Dec 18, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9779 HIGH
Open Cluster Management - Privilege Escalation
Dec 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10973 MEDIUM
Keycloak Quarkus Server 25.0.0-25.99.9 - Cleartext Transmission of Sensitive Information via JGroups Replication
Dec 17, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-12401 MEDIUM
cert-manager < 1.12.14 - Denial of Service via PEM Data Processing
Dec 12, 2024
CVSS 4.4
EPSS 0.01
CVE-2024-12397 HIGH
Quarkus-HTTP < 5.3.4 - HTTP Request Smuggling via Cookie Parsing
Dec 12, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-12369 MEDIUM
wildfly-elytron 1.17.0.Final-2.2.9.Final - Authorization Code Injection via OIDC-Client
Dec 09, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-8676 HIGH
CRI-O < 1.29.11 - Improper Authorization via Checkpoint Restore
Nov 26, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-52337 MEDIUM
Fast Datapath for Red Hat Enterprise Linux - Log Spoofing via Improper Input Sanitization
Nov 26, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-52336 HIGH
Fast Datapath for Red Hat Enterprise Linux - Privilege Escalation via Tuned D-Bus instance_create Function
Nov 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9666 MEDIUM
Keycloak - Denial of Service via Proxy Header Handling
Nov 25, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-10492 LOW
Keycloak < 26.0.6 - Authenticated Sensitive Information Disclosure via Vault File Access
Nov 25, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-10451 MEDIUM
Keycloak < 24.0.9 and 26.0 < 26.0.6 - Use of Hard-coded Credentials via Build Process
Nov 25, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-10270 MEDIUM
Keycloak-services < 24.0.9 - Denial of Service via Regex Complexity in SearchQueryUtils
Nov 25, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-6538 MEDIUM
OpenShift Console - Authenticated Server-Side Request Forgery via /api/dev-console/proxy/internet Endpoint
Nov 25, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-11483 MEDIUM
Ansible Automation Platform - Privilege Escalation
Nov 25, 2024
CVSS 5.0
EPSS 0.01
CVE-2024-52616 MEDIUM
Red Hat Enterprise Linux 9 - Predictable DNS Transaction ID in Avahi-daemon
Nov 21, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-52615 MEDIUM
Red Hat Enterprise Linux 10 - Use of Insufficiently Random Values in Avahi-daemon DNS Query Port Selection
Nov 21, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-0793 HIGH
kubernetes < 1.27.0-alpha.1 - Denial of Service via HPA Config YAML
Nov 17, 2024
CVSS 7.7
EPSS 0.01
CVE-2024-11217 MEDIUM
Red Hat OpenShift Container Platform 4 - OAuth2 Client Secret Exposure via Debug Logging
Nov 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-3447 MEDIUM
QEMU - Heap-based Buffer Overflow in SDHCI Device Emulation
Nov 14, 2024
CVSS 6.0
EPSS 0.01
CVE-2024-49395 MEDIUM
mutt and neomutt - Exposure of Sensitive Information via PGP Encryption Metadata
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49394 MEDIUM
mutt and neomutt - Cryptographic Signature Bypass via In-Reply-To Header Spoofing
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49393 MEDIUM
mutt and neomutt - Improper Verification of Cryptographic Signature in To and Cc Headers
Nov 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-11079 MEDIUM
ansible-core >=2.18.0b1 <2.18.1rc1 - Arbitrary Code Execution via Hostvars Object
Nov 12, 2024
CVSS 5.5
EPSS 0.01
CVE-2024-10963 HIGH
Red Hat Enterprise Linux 8 - Improper Authentication via pam_access Configuration Rule Misinterpretation
Nov 07, 2024
CVSS 7.4
EPSS 0.01
Products
Red Hat Enterprise Linux 9 543 Red Hat Enterprise Linux 8 541 Red Hat Enterprise Linux 10 461 Red Hat Enterprise Linux 7 452 Red Hat Enterprise Linux 6 412 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45