Red Hat

924 tracked vulnerabilities.

CVE-2024-6861 HIGH
Red Hat Satellite 6.12 for RHEL 8 - Exposure of Sensitive Information via GraphQL API Introspection
Nov 06, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-9902 MEDIUM
ansible-core < 2.14.18rc1 - Unauthenticated Arbitrary File Write via User Module
Nov 06, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-10573 MEDIUM
Red Hat Enterprise Linux 7, 8, 9 - Out-of-bounds Write in mpg123 PCM Decoding
Oct 31, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-8553 MEDIUM
Red Hat Satellite 6.13-6.16 - Authenticated Sensitive Information Exposure via Foreman Loader Macros
Oct 31, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-9632 HIGH
Red Hat Enterprise Linux - Heap-based Buffer Overflow in X.org Server via _XkbSetCompatMap
Oct 30, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-10295 HIGH
Red Hat 3scale API Management Platform 2 - Unauthenticated Authentication Bypass via Malformed Basic Auth Header
Oct 24, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10041 MEDIUM
linux-pam - Insecure Storage of Sensitive Information via Branch Predictor Training
Oct 23, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-9050 HIGH
Red Hat Enterprise Linux NetworkManager-libreswan - Local Privilege Escalation via VPN Configuration Injection
Oct 22, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9676 MEDIUM
Red Hat OpenShift Container Platform - Denial of Service via Symlink Traversal in containers/storage
Oct 15, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-9979 MEDIUM
PyO3 0.22.0-0.22.3 - Use-After-Free via Weak Python Reference Borrowing
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-3656 HIGH NUCLEI
Keycloak < 24.0.5 - Authenticated Privilege Escalation via Admin REST API Endpoints
Oct 09, 2024
CVSS 8.1
EPSS 0.03
CVE-2024-9675 HIGH
Buildah - Path Traversal via Cache Mount
Oct 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9671 MEDIUM
Red Hat 3scale API Management Platform 2 - Unauthenticated Information Disclosure via Invoice URL
Oct 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9622 MEDIUM
resteasy-netty4-cdi - Denial of Service via HTTP Request Smuggling
Oct 08, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-9621 MEDIUM
Quarkus CXF - Sensitive Information Disclosure in Log Files
Oct 08, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-9620 MEDIUM
Ansible Automation Platform - Info Disclosure
Oct 08, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9407 MEDIUM
buildah < 1.37.4 and podman < 5.2.4 - Arbitrary Host File Access via Dockerfile RUN --mount Bind-Propagation Option
Oct 01, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-9355 MEDIUM
Golang FIPS OpenSSL - Buffer Overflow
Oct 01, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9341 MEDIUM
containers/common < 0.60.4 - Symbolic Link Following via FIPS Mode File Path Handling
Oct 01, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-8612 LOW
Red Hat Enterprise Linux - Information Disclosure in virtio-scsi, virtio-blk, and virtio-crypto Devices
Sep 20, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-8883 MEDIUM NUCLEI
Red Hat Build of Keycloak - Open Redirect via Misconfigured Valid Redirect URI
Sep 19, 2024
CVSS 6.1
EPSS 0.02
CVE-2024-8698 HIGH NUCLEI
Keycloak SAML Core < 22.0.13 - Improper Verification of Cryptographic Signature in XMLSignatureUtil
Sep 19, 2024
CVSS 7.7
EPSS 0.02
CVE-2024-45770 MEDIUM
Performance Co-Pilot - Privilege Escalation
Sep 19, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-45769 MEDIUM
Performance Co-Pilot - Code Injection
Sep 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-8939 MEDIUM
vllm - Denial of Service via Improper Handling of best_of Parameter
Sep 17, 2024
CVSS 6.2
EPSS 0.00
Products
Red Hat Enterprise Linux 9 543 Red Hat Enterprise Linux 8 541 Red Hat Enterprise Linux 10 461 Red Hat Enterprise Linux 7 452 Red Hat Enterprise Linux 6 412 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45