Red Hat

924 tracked vulnerabilities.

CVE-2024-7383 HIGH
Red Hat Enterprise Linux 8 - Improper Certificate Validation in libnbd
Aug 05, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-7128 MEDIUM
Red Hat OpenShift Container Platform 4.16-4.18 - Exposure of Sensitive Information via Unauthenticated Endpoints
Jul 26, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-6655 HIGH
Red Hat Enterprise Linux 8 - Code Injection via GTK Library Loading
Jul 16, 2024
CVSS 7.0
EPSS 0.00
CVE-2024-6501 LOW
Red Hat Enterprise Linux 9 - Denial of Service via Malformed LLDP Packet
Jul 09, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-3653 MEDIUM
Undertow 2.3.0.Alpha1-2.3.15.Final - Use-After-Free in Learning-Push Handler
Jul 08, 2024
CVSS 5.3
EPSS 0.02
CVE-2024-5971 HIGH
Undertow 2.3.0.Alpha1-2.3.14.Final - Denial of Service via Chunked Response Handling
Jul 08, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-6409 HIGH
OpenSSH sshd SIGALRM Race - Remote Code Execution
Jul 08, 2024
CVSS 7.0
EPSS 0.28
CVE-2024-6126 LOW
Red Hat Enterprise Linux 9 - Authenticated Denial of Service via pam_env user_readenv Option
Jul 03, 2024
CVSS 3.2
EPSS 0.00
CVE-2024-4467 HIGH
Red Hat Advanced Virtualization for RHEL 8.2.1 - Out-of-bounds Write via QEMU Disk Image Utility
Jul 02, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-6387 HIGH
OpenSSH - DoS
Jul 01, 2024
CVSS 8.1
EPSS 1.00
CVE-2024-6162 HIGH
Undertow 2.3.0.Alpha1-2.3.13.Final - Denial of Service via Concurrent AJP Request Path Decoding
Jun 20, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-5967 LOW
Keycloak LDAP Federation >=25.0.0 <25.0.1 - Authenticated Credential Leak via LDAP Connection URL Change
Jun 18, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-5953 MEDIUM
Red Hat Directory Server - Authenticated Denial of Service via Malformed Password Hash
Jun 18, 2024
CVSS 5.7
EPSS 0.01
CVE-2024-3049 MEDIUM
Booth < 1.1 - Insufficient Verification of Data Authenticity
Jun 06, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-5037 HIGH
Red Hat OpenShift Container Platform 4.12-4.16 - Authentication Bypass via Forged JWT Token
Jun 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-4540 HIGH
Keycloak < 24.0.5 - Cleartext Storage of Sensitive Information in OAuth 2.0 PAR KC_RESTART Cookie
Jun 03, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-5564 HIGH
Red Hat Enterprise Linux - Buffer Overflow via Malformed IPv6 Router Advertisement Packet
May 31, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-3657 HIGH
Red Hat Directory Server - Denial of Service via Specially-Crafted LDAP Query
May 28, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-2199 MEDIUM
Red Hat Directory Server - Authenticated Denial of Service via Malformed userPassword Input
May 28, 2024
CVSS 5.7
EPSS 0.01
CVE-2024-5042 MEDIUM
submariner-operator 0.16.0-m0-0.16.4 - Execution with Unnecessary Privileges
May 17, 2024
CVSS 6.6
EPSS 0.01
CVE-2024-4871 MEDIUM
Red Hat Satellite Remote Execution - SSH Host Key Verification Bypass
May 14, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-4840 MEDIUM
OpenStack Platform - Info Disclosure
May 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-4693 MEDIUM
QEMU Virtio PCI Bindings - Use After Free
May 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-3727 HIGH
containers/image < 5.30.1 - Improper Validation of Integrity Check Value
May 14, 2024
CVSS 8.3
EPSS 0.01
CVE-2024-4438 HIGH
Red Hat OpenStack Platform 16.1-18.0 - Uncontrolled Resource Consumption via HTTP/2 Rapid Reset
May 08, 2024
CVSS 7.5
EPSS 0.01
Products
Red Hat Enterprise Linux 9 543 Red Hat Enterprise Linux 8 541 Red Hat Enterprise Linux 10 461 Red Hat Enterprise Linux 7 452 Red Hat Enterprise Linux 6 412 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45