Total: 2140 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-11785 | Redhat | 389 Directory Server, Directory Server, Enterprise Linux | 2026-06-12 | N/A | 4.3 MEDIUM |
| A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users. | | | | | |
| CVE-2026-11786 | Redhat | 389 Directory Server, Directory Server, Enterprise Linux | 2026-06-12 | N/A | 1.9 LOW |
| A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation. | | | | | |
| CVE-2026-11787 | Redhat | 389 Directory Server, Directory Server, Enterprise Linux | 2026-06-12 | N/A | 5.0 MEDIUM |
| A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior. | | | | | |
| CVE-2026-11788 | Redhat | 389 Directory Server, Directory Server, Enterprise Linux | 2026-06-12 | N/A | 5.9 MEDIUM |
| A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure. | | | | | |
| CVE-2026-11789 | Redhat | 389 Directory Server, Directory Server, Enterprise Linux | 2026-06-12 | N/A | 4.9 MEDIUM |
| A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication. | | | | | |
| CVE-2026-11790 | Redhat | 389 Directory Server, Directory Server, Enterprise Linux | 2026-06-12 | N/A | 4.9 MEDIUM |
| A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption during authentication, resulting in denial of service. | | | | | |
| CVE-2026-50263 | Redhat, X.org | Enterprise Linux, X Server, Xwayland | 2026-06-11 | N/A | 5.5 MEDIUM |
| A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure. | | | | | |
| CVE-2026-50260 | Redhat, X.org | Enterprise Linux, X Server, Xwayland | 2026-06-11 | N/A | 7.8 HIGH |
| A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root. | | | | | |
| CVE-2026-4878 | Libcap Project, Redhat | Libcap, Enterprise Linux, Openshift Container Platform | 2026-06-11 | N/A | 6.7 MEDIUM |
| A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation. | | | | | |
| CVE-2026-28369 | Redhat | Build Of Apache Camel - Hawtio, Build Of Apache Camel For Spring Boot, Data Grid and 7 more (10 products) | 2026-06-10 | N/A | 8.7 HIGH |
| A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate web caches, potentially leading to unauthorized actions or data exposure. | | | | | |
| CVE-2026-28368 | Redhat | Build Of Apache Camel - Hawtio, Build Of Apache Camel For Spring Boot, Data Grid and 7 more (10 products) | 2026-06-10 | N/A | 8.7 HIGH |
| A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources. | | | | | |
| CVE-2026-5201 | Gnome, Redhat | Gdk-pixbuf, Enterprise Linux, Enterprise Linux Server Aus and 1 more (4 products) | 2026-06-10 | N/A | 7.5 HIGH |
| A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions. | | | | | |
| CVE-2026-5121 | Libarchive, Redhat | Libarchive, Enterprise Linux, Hardened Images and 1 more (4 products) | 2026-06-10 | N/A | 7.5 HIGH |
| A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system. | | | | | |
| CVE-2026-4775 | Debian, Libtiff, Redhat | Debian Linux, Libtiff, Enterprise Linux and 1 more (4 products) | 2026-06-10 | N/A | 7.8 HIGH |
| A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution. | | | | | |
| CVE-2026-4424 | Libarchive, Redhat | Libarchive, Enterprise Linux, Enterprise Linux Server Aus and 4 more (7 products) | 2026-06-10 | N/A | 7.5 HIGH |
| A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction. | | | | | |
| CVE-2025-14512 | Gnome, Redhat | Glib, Enterprise Linux, Openshift | 2026-06-10 | N/A | 6.5 MEDIUM |
| A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values. | | | | | |
| CVE-2025-14087 | Gnome, Redhat | Glib, Enterprise Linux | 2026-06-10 | N/A | 5.6 MEDIUM |
| A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings. | | | | | |
| CVE-2023-52356 | Libtiff, Redhat | Libtiff, Enterprise Linux | 2026-06-10 | N/A | 7.5 HIGH |
| A segmentation fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted TIFF file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap buffer overflow, leading to a denial of service. | | | | | |
| CVE-2026-4480 | Redhat, Samba | Enterprise Linux, Openshift Container Platform, Samba | 2026-06-10 | N/A | 9.0 CRITICAL |
| A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system. | | | | | |
| CVE-2026-4408 | Redhat, Samba | Enterprise Linux, Openshift Container Platform, Samba | 2026-06-10 | N/A | 9.0 CRITICAL |
| A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with %u and the samba-dcerpcd service is started as a system service. | | | | | |
