redhat
5,618 tracked vulnerabilities.
CVE-2023-40549
MEDIUM
shim < 15.8 - Denial of Service via Crafted PE Binary Load
Jan 29, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-40546
MEDIUM
shim < 15.8 - Denial of Service via ESL Variable Creation Error
Jan 29, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-40548
HIGH
shim < 15.8 - Heap-Based Buffer Overflow via PE Binary Parsing
Jan 29, 2024
CVSS 7.4
EPSS 0.00
CVE-2023-6291
HIGH
Keycloak < 22.0.7 and 23.0.0-23.0.2 - Open Redirect via redirect_uri Validation Bypass
Jan 26, 2024
CVSS 7.1
EPSS 0.00
CVE-2023-52356
HIGH
libtiff - Heap-based Buffer Overflow via TIFFReadRGBATileExt()
Jan 25, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-52355
HIGH
libtiff < 4.6.0 - Out-of-bounds Write via TIFFRasterScanlineSize64 API
Jan 25, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-40547
HIGH
shim < 15.8 - Remote Code Execution via HTTP Boot Response Parsing
Jan 25, 2024
CVSS 8.3
EPSS 0.04
CVE-2023-6531
HIGH
Linux Kernel < 6.7 - Use-After-Free via Unix Garbage Collector Race Condition
Jan 21, 2024
CVSS 7.0
EPSS 0.00
CVE-2023-6816
CRITICAL
X.Org Server < 21.1.11 and XWayland < 23.2.4 - Out-of-bounds Write via Button Mapping
Jan 18, 2024
CVSS 9.8
EPSS 0.03
CVE-2023-4001
MEDIUM
GRUB2 - Authentication Bypass via Duplicate UUID Configuration File
Jan 15, 2024
CVSS 6.8
EPSS 0.00
CVE-2023-6915
MEDIUM
Linux Kernel < 6.7 - Denial of Service via Null Pointer Dereference in ida_free
Jan 15, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-6683
MEDIUM
QEMU 6.1.0-8.2.1 - Authenticated Denial of Service via VNC ClientCutText Message
Jan 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-5455
MEDIUM
FreeIPA < 4.6.10 - Cross-Site Request Forgery in Session Login
Jan 10, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-6476
MEDIUM
Red Hat OpenShift Container Platform - Denial of Service via Experimental Annotation Bypass
Jan 09, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-6944
MEDIUM
Red Hat Developer Hub < 1.21.0 - GitLab Access Token Exposure via Catalog-Import Error Message
Jan 04, 2024
CVSS 5.7
EPSS 0.00
CVE-2023-6004
MEDIUM
libssh >=0.8.0 <0.9.8 - OS Command Injection via ProxyCommand or ProxyJump Hostname Parameter
Jan 03, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-7192
MEDIUM
Linux Kernel < 6.3 - Denial of Service via ctnetlink_create_conntrack Memory Leak
Jan 02, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-6693
MEDIUM
QEMU < 8.2.1 - Stack-based Buffer Overflow in virtio-net TX Flush
Jan 02, 2024
CVSS 4.9
EPSS 0.00
CVE-2023-4641
MEDIUM
shadow-utils < 4.14.0 - Password Exposure via Uncleared Memory Buffer
Dec 27, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-3171
HIGH
JBoss Enterprise Application Platform - Denial of Service via Unchecked HashMap/HashTable Deserialization
Dec 27, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-51767
HIGH
OpenSSH through 10.0 - Authentication Bypass via Row Hammer Bit Flip
Dec 24, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-51765
MEDIUM
sendmail < 8.18.0.2 - SMTP Smuggling via LF.CR.LF Sequence
Dec 24, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-51764
MEDIUM
Postfix < 3.5.23 - SMTP Smuggling via Bare Newline Injection
Dec 24, 2023
CVSS 5.3
EPSS 0.28
CVE-2023-6546
HIGH
Linux kernel - Privilege Escalation
Dec 21, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-2585
LOW
Keycloak - Auth Bypass
Dec 21, 2023
CVSS 3.5
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux_workstation 1,845
enterprise_linux 1,780
enterprise_linux_server_aus 1,059
enterprise_linux_eus 780
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 291
jboss_enterprise_application_platform 243
linux 229
satellite 222
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 112
single_sign-on 108
enterprise_linux_for_power_little_endian 106
keycloak 98
enterprise_linux_for_power_little_endian_eus 93
enterprise_linux_for_ibm_z_systems_eus 87
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77