redhat

5,762 tracked vulnerabilities.

CVE-2024-12087 MEDIUM
rsync < 3.3.0 - Path Traversal via --inc-recursive Symlink Handling
Jan 14, 2025
CVSS 6.5
EPSS 0.02
CVE-2024-12086 MEDIUM
rsync < 3.3.0 - Arbitrary File Read via Checksum Manipulation
Jan 14, 2025
CVSS 6.1
EPSS 0.02
CVE-2024-12085 HIGH
rsync < 3.3.0 - Information Disclosure via Checksum Length Manipulation
Jan 14, 2025
CVSS 7.5
EPSS 0.09
CVE-2024-49395 MEDIUM
mutt and neomutt - Exposure of Sensitive Information via PGP Encryption Metadata
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49394 MEDIUM
mutt and neomutt - Cryptographic Signature Bypass via In-Reply-To Header Spoofing
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49393 MEDIUM
mutt and neomutt - Improper Verification of Cryptographic Signature in To and Cc Headers
Nov 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-51127 HIGH
HornetQ < 2.4.9 - Path Traversal via createTempFile Method
Nov 04, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-50074 HIGH
Linux Kernel - Out-of-bounds Read in parport snprintf Length Calculation
Oct 29, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-10295 HIGH
Red Hat 3scale API Management Platform 2 - Unauthenticated Authentication Bypass via Malformed Basic Auth Header
Oct 24, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-50312 MEDIUM
OpenShift Container Platform - Unauthenticated Exposure of Sensitive GraphQL Schema Information via Introspection Query
Oct 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-50311 MEDIUM
OpenShift Container Platform - Denial of Service via GraphQL Batch Query Aliases
Oct 22, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10234 MEDIUM
Red Hat Build of Keycloak - Cross-Site Scripting via Wildfly Deployment System
Oct 22, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-9683 MEDIUM
Quay - Authentication Bypass via Truncated Password
Oct 17, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-10033 MEDIUM
Red Hat Ansible Automation Platform - Stored Cross-Site Scripting via Gateway Next Parameter
Oct 16, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-9676 MEDIUM
Red Hat OpenShift Container Platform - Denial of Service via Symlink Traversal in containers/storage
Oct 15, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-9675 HIGH
Buildah - Path Traversal via Cache Mount
Oct 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9671 MEDIUM
Red Hat 3scale API Management Platform 2 - Unauthenticated Information Disclosure via Invoice URL
Oct 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9341 MEDIUM
containers/common < 0.60.4 - Symbolic Link Following via FIPS Mode File Path Handling
Oct 01, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-8883 MEDIUM NUCLEI
Red Hat Build of Keycloak - Open Redirect via Misconfigured Valid Redirect URI
Sep 19, 2024
CVSS 6.1
EPSS 0.02
CVE-2024-8354 MEDIUM
QEMU - Denial of Service via USB Endpoint Assertion Failure
Sep 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-8443 LOW
OpenSC - Heap-based Buffer Overflow in OpenPGP Driver via Malicious APDU Responses
Sep 10, 2024
CVSS 2.9
EPSS 0.00
CVE-2024-7341 HIGH
Keycloak - Session Fixation via SAML Adapter
Sep 09, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-7318 MEDIUM
Red Hat build of Keycloak 22.0-24.0.6 - Use of Expired OTP Codes via FreeOTP Token Period
Sep 09, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-7260 MEDIUM
Keycloak < 24.0.7 - Open Redirect via Referrer URI Parameter
Sep 09, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-7923 CRITICAL
Red Hat Satellite 6.13-6.15 - Authentication Bypass via Malformed HTTP Header
Sep 04, 2024
CVSS 9.8
EPSS 0.01