redhat

5,762 tracked vulnerabilities.

CVE-2026-35092 HIGH
Corosync: corosync: denial of service via integer overflow in join message validation
Apr 01, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-35091 HIGH
Corosync: corosync: denial of service and information disclosure via crafted udp packet
Apr 01, 2026
CVSS 8.2
EPSS 0.01
CVE-2026-5201 HIGH
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
Mar 31, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5165 MEDIUM
Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5164 MEDIUM
Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5121 HIGH
Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
Mar 30, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5119 MEDIUM
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Mar 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-28369 HIGH
Undertow: undertow: request smuggling via malformed http request headers
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-28368 HIGH
Undertow: undertow: request smuggling via inconsistent header parsing
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-28367 HIGH
Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-4948 MEDIUM
Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Mar 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-2272 MEDIUM
Gimp: gimp: memory corruption due to integer overflow in ico file handling
Mar 26, 2026
CVSS 4.3
EPSS 0.01
CVE-2026-2239 LOW
Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow
Mar 26, 2026
CVSS 2.8
EPSS 0.00
CVE-2026-2100 MEDIUM
P11-kit: p11-kit: null dereference via c_derivekey with specific null parameters
Mar 26, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-0968 LOW
Libssh: libssh: denial of service due to malformed sftp message
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-0967 MEDIUM
Libssh: libssh: denial of service via inefficient regular expression processing
Mar 26, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-0966 HIGH
Libssh: buffer underflow in ssh_get_hexa() on invalid input
Mar 26, 2026
CVSS 8.2
EPSS 0.01
CVE-2026-0965 LOW
Libssh: libssh: denial of service via improper configuration file handling
Mar 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-0964 MEDIUM
Libssh: improper sanitation of paths received from scp servers
Mar 26, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-2436 MEDIUM
Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-3190 MEDIUM
Keycloak: keycloak: information disclosure via improper role enforcement in uma 2.0 protection api
Mar 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3121 MEDIUM
Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4897 MEDIUM
Polkit: polkit: denial of service via unbounded input processing through standard input
Mar 26, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-4874 LOW
Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-4775 HIGH
Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing
Mar 24, 2026
CVSS 7.8
EPSS 0.01