Total
2151 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-44070 | 2 Frrouting, Redhat | 2 Frrouting, Enterprise Linux | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. | |||||
| CVE-2024-3567 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2026-06-17 | N/A | 5.5 MEDIUM |
| A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. | |||||
| CVE-2024-3183 | 1 Redhat | 5 Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Eus and 2 more | 2026-06-17 | N/A | 8.1 HIGH |
| A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). | |||||
| CVE-2024-3056 | 3 Fedoraproject, Podman Project, Redhat | 4 Fedora, Podman, Enterprise Linux and 1 more | 2026-06-17 | N/A | 7.7 HIGH |
| A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system. | |||||
| CVE-2024-3049 | 2 Clusterlabs, Redhat | 8 Booth, Enterprise Linux, Enterprise Linux Eus and 5 more | 2026-06-17 | N/A | 5.9 MEDIUM |
| A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. | |||||
| CVE-2024-2698 | 2 Freeipa, Redhat | 3 Freeipa, Enterprise Linux, Enterprise Linux Eus | 2026-06-17 | N/A | 8.8 HIGH |
| A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request. In FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule. | |||||
| CVE-2024-2496 | 2 Debian, Redhat | 3 Debian Linux, Enterprise Linux, Libvirt | 2026-06-17 | N/A | 5.0 MEDIUM |
| A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash. | |||||
| CVE-2024-2002 | 3 Fedoraproject, Libdwarf Project, Redhat | 3 Fedora, Libdwarf, Enterprise Linux | 2026-06-17 | N/A | 7.5 HIGH |
| A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results. | |||||
| CVE-2024-23301 | 4 Fedoraproject, Redhat, Relax-and-recover and 1 more | 4 Fedora, Enterprise Linux, Relax-and-recover and 1 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. | |||||
| CVE-2024-1488 | 2 Fedoraproject, Redhat | 19 Unbound, Codeready Linux Builder, Codeready Linux Builder Eus and 16 more | 2026-06-17 | N/A | 8.0 HIGH |
| A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. | |||||
| CVE-2024-1454 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2026-06-17 | N/A | 3.4 LOW |
| The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can allow for compromised card management operations during enrolment. | |||||
| CVE-2024-1151 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues. | |||||
| CVE-2024-1062 | 2 Fedoraproject, Redhat | 13 Fedora, 389 Directory Server, Directory Server and 10 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. | |||||
| CVE-2024-1048 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Grub2, Enterprise Linux | 2026-06-17 | N/A | 3.3 LOW |
| A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks. | |||||
| CVE-2024-10033 | 1 Redhat | 4 Ansible Automation Platform, Ansible Developer, Ansible Inside and 1 more | 2026-06-17 | N/A | 6.1 MEDIUM |
| A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the "?next=" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data. | |||||
| CVE-2024-0914 | 2 Opencryptoki Project, Redhat | 2 Opencryptoki, Enterprise Linux | 2026-06-17 | N/A | 5.9 MEDIUM |
| A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. | |||||
| CVE-2024-0841 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-06-17 | N/A | 6.6 MEDIUM |
| A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. | |||||
| CVE-2024-0775 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-06-17 | N/A | 6.7 MEDIUM |
| A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. | |||||
| CVE-2024-0690 | 2 Fedoraproject, Redhat | 6 Fedora, Ansible, Ansible Automation Platform and 3 more | 2026-06-17 | N/A | 5.0 MEDIUM |
| An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. | |||||
| CVE-2024-0646 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-06-17 | N/A | 7.0 HIGH |
| An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||