redhat

5,762 tracked vulnerabilities.

CVE-2025-9572 MEDIUM
Foreman 1.22.0-3.16.1 - Incorrect Authorization via GraphQL API
Feb 27, 2026
CVSS 5.0
EPSS 0.00
CVE-2025-12543 CRITICAL
Undertow HTTP Server - Malformed Host Header Cache Poisoning
Jan 07, 2026
CVSS 9.6
EPSS 0.01
CVE-2025-14874 HIGH
Nodemailer < 7.0.11 - Denial of Service via Crafted Email Address Header
Dec 18, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-14512 MEDIUM
glib < 2.86.3 - Heap Buffer Overflow and Denial of Service via GIO escape_byte_string() Integer Overflow
Dec 11, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-14087 MEDIUM
GLib < 2.86.3 - Heap Corruption via GVariant Parser Buffer Underflow
Dec 10, 2025
CVSS 5.6
EPSS 0.01
CVE-2025-14010 MEDIUM
community.general - Sensitive Credential Exposure via Verbose Debug Output
Dec 04, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-13601 HIGH
Red Hat CodeReady Linux Builder - Heap-Based Buffer Overflow via g_escape_uri_string()
Nov 26, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-62230 HIGH
Xwayland < 24.1.9 - Use-After-Free in Xkb Extension Client Resource Cleanup
Oct 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-62231 HIGH
X.Org Xwayland < 24.1.9 - Memory Corruption via XkbSetCompatMap Integer Overflow
Oct 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-9784 HIGH
Red Hat build of Apache Camel for Spring Boot - Denial of Service via MadeYouReset Attack
Sep 02, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-8419 MEDIUM
Keycloak < 26.2.8 - SMTP Injection via Email Registration
Aug 06, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31277 HIGH KEV
Safari < 18.6 - Memory Corruption via Malicious Web Content
Jul 30, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-8283 LOW
netavark - Info Disclosure
Jul 28, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-7784 MEDIUM
Red Hat build of Keycloak - Privilege Escalation via Fine-Grained Admin Permissions
Jul 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-7519 MEDIUM
polkit - Buffer Overflow
Jul 14, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-53862 LOW
Ansible Automation Platform - Unauthenticated Exposure of Sensitive System Information via API Endpoints
Jul 11, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-53861 LOW
Ansible Automation Platform - Cleartext Transmission of Sensitive Cookies
Jul 11, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-7365 HIGH
Keycloak - Authenticated Account Takeover via Identity Provider Login Email Verification
Jul 10, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-7424 HIGH
libxslt - Type Confusion via psvi Memory Field Reuse
Jul 10, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-32990 MEDIUM
GnuTLS - Heap-based Buffer Overflow in Certtool Template Parsing
Jul 10, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-32989 MEDIUM
GnuTLS - Heap-Buffer-Overread in Certificate Transparency SCT Extension Parsing
Jul 10, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-32988 MEDIUM
GnuTLS < 3.8.10 - Double Free in Subject Alternative Name Export Logic
Jul 10, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-5351 MEDIUM
libssh 0.10.0-0.11.2 - Double Free in Key Export Functionality
Jul 04, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-5372 MEDIUM
Libssh <3.0 - Uninitialized Key Buffer
Jul 04, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-6017 MEDIUM
Red Hat Advanced Cluster Management <2.10.7-2.12.4 - Info Disclosure
Jul 02, 2025
CVSS 5.5
EPSS 0.00