Total: 2146 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3833 | 2 Gnu, Redhat | 4 Gnutls, Enterprise Linux, Hardened Images and 1 more | 2026-06-02 | N/A | 6.5 MEDIUM |
| A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure. | |||||
| CVE-2026-33845 | 2 Gnu, Redhat | 3 Gnutls, Enterprise Linux, Openshift Container Platform | 2026-06-02 | N/A | 7.5 HIGH |
| A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service. | |||||
| CVE-2026-9149 | 2 Opensuse, Redhat | 6 Libsolv, Enterprise Linux, Hardened Images and 3 more | 2026-06-02 | N/A | 6.5 MEDIUM |
| A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could exploit this to cause a denial of service (DoS). | |||||
| CVE-2026-48864 | 2 Opensuse, Redhat | 6 Libsolv, Enterprise Linux, Hardened Images and 3 more | 2026-05-28 | N/A | 7.8 HIGH |
| A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result in information disclosure, alteration of program execution, or a denial of service. | |||||
| CVE-2026-35092 | 2 Corosync, Redhat | 3 Corosync, Enterprise Linux, Openshift | 2026-05-26 | N/A | 7.5 HIGH |
| A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode. | |||||
| CVE-2026-35091 | 2 Corosync, Redhat | 3 Corosync, Enterprise Linux, Openshift | 2026-05-26 | N/A | 8.2 HIGH |
| A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents. | |||||
| CVE-2026-31431 | 11 Amazon, Arista, Canonical and 8 more | 43 Amazon Linux, Cloudvision Agni, Cloudvision Portal and 40 more | 2026-05-21 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: "crypto: algif_aead - Revert to operating out-of-place". This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. | |||||
| CVE-2026-6843 | 2 Gnu, Redhat | 3 Nano, Enterprise Linux, Openshift Container Platform | 2026-05-20 | N/A | 5.5 MEDIUM |
| A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application attempts to display this name, leading to a segmentation fault (SEGV). This results in a Denial of Service (DoS) for the `nano` application. | |||||
| CVE-2026-6844 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux, Hardened Images and 1 more | 2026-05-20 | N/A | 5.5 MEDIUM |
| A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-476), can cause a segmentation fault. Both issues can result in the `readelf` utility becoming unresponsive or crashing, leading to a denial of service. | |||||
| CVE-2026-6845 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux, Hardened Images and 1 more | 2026-05-20 | N/A | 5.0 MEDIUM |
| A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash. | |||||
| CVE-2026-6846 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux, Hardened Images and 1 more | 2026-05-20 | N/A | 7.8 HIGH |
| A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution, allowing the attacker to run unauthorized commands, or cause a denial of service, making the system unavailable. | |||||
| CVE-2026-4271 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-05-19 | N/A | 5.3 MEDIUM |
| A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS). | |||||
| CVE-2026-0968 | 2 Libssh, Redhat | 2 Libssh, Enterprise Linux | 2026-05-19 | N/A | 3.1 LOW |
| A flaw was found in libssh. A malicious SFTP (SSH File Transfer Protocol) server can exploit it by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. A missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes. | |||||
| CVE-2026-0967 | 2 Libssh, Redhat | 2 Libssh, Enterprise Linux | 2026-05-19 | N/A | 5.5 MEDIUM |
| A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that, when processed by the `match_pattern()` function, can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client. | |||||
| CVE-2026-0966 | 2 Libssh, Redhat | 4 Libssh, Enterprise Linux, Hardened Images and 1 more | 2026-05-19 | N/A | 8.2 HIGH |
| A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_PACKET (3)` or higher. Successful exploitation could lead to a self-Denial of Service of the per-connection daemon process. | |||||
| CVE-2026-0965 | 2 Libssh, Redhat | 2 Libssh, Enterprise Linux | 2026-05-19 | N/A | 3.3 LOW |
| A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations. | |||||
| CVE-2026-0964 | 2 Libssh, Redhat | 4 Libssh, Enterprise Linux, Hardened Images and 1 more | 2026-05-19 | N/A | 6.3 MEDIUM |
| A malicious SCP server can send unexpected paths that could make the client application override local files outside of the working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111. | |||||
| CVE-2026-4948 | 2 Firewalld, Redhat | 2 Firewalld, Enterprise Linux | 2026-05-15 | N/A | 5.5 MEDIUM |
| A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication, leading to unauthorized changes in network security configurations. | |||||
| CVE-2026-6732 | 2 Redhat, Xmlsoft | 5 Enterprise Linux, Hardened Images, Jboss Core Services and 2 more | 2026-05-15 | N/A | 6.5 MEDIUM |
| A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable. | |||||
| CVE-2026-2708 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-05-04 | N/A | 3.7 LOW |
| A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker to send HTTP requests containing multiple Content-Length headers with differing values. | |||||
