Filtered by vendor Redhat
Subscribe
Total
5753 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17485 | 4 Debian, Fasterxml, Netapp and 1 more | 9 Debian Linux, Jackson-databind, E-series Santricity Os Controller and 6 more | 2025-08-27 | 7.5 HIGH | 9.8 CRITICAL |
| FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. | |||||
| CVE-2025-47711 | 2 Nbdkit Project, Redhat | 3 Nbdkit, Enterprise Linux, Enterprise Linux Advanced Virtualization | 2025-08-26 | N/A | 4.3 MEDIUM |
| There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service. | |||||
| CVE-2025-5915 | 2 Libarchive, Redhat | 3 Libarchive, Enterprise Linux, Openshift Container Platform | 2025-08-25 | N/A | 3.9 LOW |
| A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions. | |||||
| CVE-2024-9675 | 2 Buildah Project, Redhat | 14 Buildah, Enterprise Linux, Enterprise Linux Eus and 11 more | 2025-08-25 | N/A | 7.8 HIGH |
| A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | |||||
| CVE-2025-5351 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift Container Platform | 2025-08-22 | N/A | 4.2 MEDIUM |
| A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed. | |||||
| CVE-2025-7365 | 1 Redhat | 1 Keycloak | 2025-08-21 | N/A | 5.4 MEDIUM |
| A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an identity provider (IdP) login, the attacker will subsequently be prompted to "review profile" information. This vulnerability allows the attacker to modify their email address to match that of a victim's account, triggering a verification email sent to the victim's email address. The attacker's email address is not present in the verification email content, making it a potential phishing opportunity. If the victim clicks the verification link, the attacker can gain access to the victim's account. | |||||
| CVE-2021-3670 | 3 Fedoraproject, Redhat, Samba | 3 Fedora, Storage, Samba | 2025-08-21 | N/A | 6.5 MEDIUM |
| MaxQueryDuration not honoured in Samba AD DC LDAP | |||||
| CVE-2025-47712 | 2 Nbdkit Project, Redhat | 3 Nbdkit, Enterprise Linux, Enterprise Linux Advanced Virtualization | 2025-08-21 | N/A | 4.3 MEDIUM |
| A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. | |||||
| CVE-2025-6017 | 1 Redhat | 1 Advanced Cluster Management For Kubernetes | 2025-08-20 | N/A | 5.5 MEDIUM |
| A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before 2.11.4, and 2.12, before 2.12.4. This vulnerability allows an unprivileged user to view confidential managed cluster credentials through the UI. This information should only be accessible to authorized users and may result in the loss of confidentiality of administrative information, which could be leaked to unauthorized actors. | |||||
| CVE-2023-40694 | 2 Ibm, Redhat | 2 Watson Cp4d Data Stores, Openshift | 2025-08-20 | N/A | 6.2 MEDIUM |
| IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838. | |||||
| CVE-2025-6920 | 1 Redhat | 1 Ai Inference Server | 2025-08-18 | N/A | 5.3 MEDIUM |
| A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows unauthorized users to access the same inference features available on protected endpoints, potentially exposing sensitive functionality or allowing unintended access to backend resources. | |||||
| CVE-2024-9453 | 2 Jenkins, Redhat | 2 Jenkins, Openshift Developer Tools And Services | 2025-08-18 | N/A | 6.5 MEDIUM |
| A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if they have access to sensitive information. | |||||
| CVE-2023-39328 | 2 Redhat, Uclouvain | 2 Enterprise Linux, Openjpeg | 2025-08-18 | N/A | 5.5 MEDIUM |
| A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file. | |||||
| CVE-2025-3910 | 1 Redhat | 1 Build Of Keycloak | 2025-08-18 | N/A | 5.4 MEDIUM |
| A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication. | |||||
| CVE-2023-6377 | 4 Debian, Redhat, Tigervnc and 1 more | 6 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 3 more | 2025-08-18 | N/A | 7.8 HIGH |
| A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. | |||||
| CVE-2025-5918 | 2 Libarchive, Redhat | 3 Libarchive, Enterprise Linux, Openshift Container Platform | 2025-08-15 | N/A | 3.9 LOW |
| A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. | |||||
| CVE-2024-51465 | 2 Ibm, Redhat | 2 App Connect Enterprise Certified Container, Openshift | 2025-08-14 | N/A | 8.8 HIGH |
| IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | |||||
| CVE-2022-43916 | 2 Ibm, Redhat | 2 App Connect Enterprise Certified Container, Openshift | 2025-08-13 | N/A | 6.8 MEDIUM |
| IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure. | |||||
| CVE-2025-36048 | 6 Apple, Ibm, Linux and 3 more | 6 Macos, Webmethods Integration, Linux Kernel and 3 more | 2025-08-13 | N/A | 7.2 HIGH |
| IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges. | |||||
| CVE-2025-36049 | 6 Apple, Ibm, Linux and 3 more | 6 Macos, Webmethods Integration, Linux Kernel and 3 more | 2025-08-13 | N/A | 8.8 HIGH |
| IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands. | |||||