Red Hat
924 tracked vulnerabilities.
CVE-2024-12698
MEDIUM
Red Hat OpenShift Container Platform 4.18 - Uncontrolled Resource Consumption via Authenticated Streams
Dec 18, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9779
HIGH
Open Cluster Management - Privilege Escalation
Dec 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10973
MEDIUM
Keycloak Quarkus Server 25.0.0-25.99.9 - Cleartext Transmission of Sensitive Information via JGroups Replication
Dec 17, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-12401
MEDIUM
cert-manager < 1.12.14 - Denial of Service via PEM Data Processing
Dec 12, 2024
CVSS 4.4
EPSS 0.01
CVE-2024-12397
HIGH
Quarkus-HTTP < 5.3.4 - HTTP Request Smuggling via Cookie Parsing
Dec 12, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-12369
MEDIUM
wildfly-elytron 1.17.0.Final-2.2.9.Final - Authorization Code Injection via OIDC-Client
Dec 09, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-8676
HIGH
CRI-O < 1.29.11 - Improper Authorization via Checkpoint Restore
Nov 26, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-52337
MEDIUM
Fast Datapath for Red Hat Enterprise Linux - Log Spoofing via Improper Input Sanitization
Nov 26, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-52336
HIGH
Fast Datapath for Red Hat Enterprise Linux - Privilege Escalation via Tuned D-Bus instance_create Function
Nov 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9666
MEDIUM
Keycloak - Denial of Service via Proxy Header Handling
Nov 25, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-10492
LOW
Keycloak < 26.0.6 - Authenticated Sensitive Information Disclosure via Vault File Access
Nov 25, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-10451
MEDIUM
Keycloak < 24.0.9 and 26.0 < 26.0.6 - Use of Hard-coded Credentials via Build Process
Nov 25, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-10270
MEDIUM
Keycloak-services < 24.0.9 - Denial of Service via Regex Complexity in SearchQueryUtils
Nov 25, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-6538
MEDIUM
OpenShift Console - Authenticated Server-Side Request Forgery via /api/dev-console/proxy/internet Endpoint
Nov 25, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-11483
MEDIUM
Ansible Automation Platform - Privilege Escalation
Nov 25, 2024
CVSS 5.0
EPSS 0.01
CVE-2024-52616
MEDIUM
Red Hat Enterprise Linux 9 - Predictable DNS Transaction ID in Avahi-daemon
Nov 21, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-52615
MEDIUM
Red Hat Enterprise Linux 10 - Use of Insufficiently Random Values in Avahi-daemon DNS Query Port Selection
Nov 21, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-0793
HIGH
kubernetes < 1.27.0-alpha.1 - Denial of Service via HPA Config YAML
Nov 17, 2024
CVSS 7.7
EPSS 0.01
CVE-2024-11217
MEDIUM
Red Hat OpenShift Container Platform 4 - OAuth2 Client Secret Exposure via Debug Logging
Nov 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-3447
MEDIUM
QEMU - Heap-based Buffer Overflow in SDHCI Device Emulation
Nov 14, 2024
CVSS 6.0
EPSS 0.01
CVE-2024-49395
MEDIUM
mutt and neomutt - Exposure of Sensitive Information via PGP Encryption Metadata
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49394
MEDIUM
mutt and neomutt - Cryptographic Signature Bypass via In-Reply-To Header Spoofing
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49393
MEDIUM
mutt and neomutt - Improper Verification of Cryptographic Signature in To and Cc Headers
Nov 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-11079
MEDIUM
ansible-core >=2.18.0b1 <2.18.1rc1 - Arbitrary Code Execution via Hostvars Object
Nov 12, 2024
CVSS 5.5
EPSS 0.01
CVE-2024-10963
HIGH
Red Hat Enterprise Linux 8 - Improper Authentication via pam_access Configuration Rule Misinterpretation
Nov 07, 2024
CVSS 7.4
EPSS 0.01
Products
Red Hat Enterprise Linux 9 543
Red Hat Enterprise Linux 8 541
Red Hat Enterprise Linux 10 461
Red Hat Enterprise Linux 7 452
Red Hat Enterprise Linux 6 412
Red Hat OpenShift Container Platform 4 209
Red Hat In-Vehicle Operating System 1 195
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127
Red Hat Enterprise Linux 9.4 Extended Update Support 116
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95
Red Hat Hardened Images 95
Red Hat Enterprise Linux 7 Extended Lifecycle Support 94
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92
Red Hat Enterprise Linux 8.2 Advanced Update Support 89
Red Hat Build of Keycloak 87
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83
Red Hat Enterprise Linux 9.6 Extended Update Support 70
Red Hat Enterprise Linux 10.0 Extended Update Support 68
Red Hat Enterprise Linux 9.2 Extended Update Support 67
Red Hat build of Keycloak 26.4 64
Red Hat Enterprise Linux 8.8 Extended Update Support 60
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat JBoss Enterprise Application Platform Expansion Pack 58
Red Hat Single Sign-On 7 53
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45
Quick Filters