redhat

5,762 tracked vulnerabilities.

CVE-2023-3223 HIGH
Undertow < 2.2.24 - Denial of Service via Large Multipart Content Bypass
Sep 27, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0833 MEDIUM
okhttp < 4.9.2 - Information Disclosure via Exception Message
Sep 27, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-0456 HIGH
APICast < 2.12.2 - Missing Authorization via OIDC Token Realm Mismatch
Sep 27, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-42753 HIGH
Linux Kernel 4.4.165-4.4.299 - Out-of-bounds Write in Netfilter Subsystem
Sep 25, 2023
CVSS 7.0
EPSS 0.01
CVE-2023-4156 MEDIUM
gawk < 5.1.1 - Heap Out-of-Bounds Read in builtin.c
Sep 25, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-5156 HIGH
glibc 2.34-2.38 - Use-After-Free in getaddrinfo
Sep 25, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-1636 MEDIUM
OpenStack Barbican - Privilege Escalation
Sep 24, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-1633 MEDIUM
OpenStack Barbican - Info Disclosure
Sep 24, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-1625 HIGH
OpenStack Heat - Authenticated Information Disclosure via Stack Show Command
Sep 24, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-1260 HIGH
kube-apiserver - Authentication Bypass via Ephemeral Containers Subresource
Sep 24, 2023
CVSS 8.0
EPSS 0.02
CVE-2023-0462 HIGH
Foreman < 3.8.0 - Authenticated Remote Code Execution via YAML Global Parameter Injection
Sep 20, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-0118 CRITICAL
Foreman - Admin Template Safe Mode Bypass to Code Execution
Sep 20, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-4853 HIGH
Quarkus < 2.16.11 - HTTP Security Policy Bypass via Input Neutralization Flaw
Sep 20, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-4806 MEDIUM
glibc - Use-After-Free in getaddrinfo with NSS Module Hooks
Sep 18, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-4527 MEDIUM
glibc >=2.36 <2.36.113 - Stack-based Buffer Overflow via getaddrinfo DNS Response
Sep 18, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-0923 HIGH
Red Hat OpenShift Data Science 1.22-1.22.1-3 - Missing Authorization in Jupyter API
Sep 15, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-0813 HIGH
Red Hat Network Observability - Unauthenticated Access via Loki authToken Misconfiguration
Sep 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-4959 MEDIUM
Quay - Cross-Site Request Forgery in Config-Editor Page
Sep 15, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-1108 HIGH
Redhat Build OF Quarkus < 2.2.24 - Infinite Loop
Sep 14, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-4155 MEDIUM
Linux Kernel - Denial of Service via KVM AMD SEV VMGEXIT Handler Race Condition
Sep 13, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-3301 MEDIUM
QEMU < 8.0.3 - Denial of Service via Hot-Unplug Race Condition
Sep 13, 2023
CVSS 5.6
EPSS 0.00
CVE-2023-3255 MEDIUM
QEMU < 8.0.3 - Authenticated Denial of Service via VNC ClientCutText Message Handling
Sep 13, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-2680 HIGH
qemu-kvm <RHSA-2022:7967 - Privilege Escalation
Sep 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-4813 MEDIUM
glibc < 2.36 - Use-After-Free in gaih_inet Function
Sep 12, 2023
CVSS 5.9
EPSS 0.02
CVE-2023-4918 HIGH
Keycloak 22.0.2 - Cleartext Transmission of Sensitive Information via User Registration Form
Sep 12, 2023
CVSS 8.8
EPSS 0.00