Vulnerabilities in RED HAT

1,512 results
CVE-2026-2603HIGHKeycloak: keycloak: unauthorized authentication via disabled saml identity providerEPSS 0.4%CVE-2025-6035MEDIUMGimp: gimp integer overflowEPSS 0.4%CVE-2023-6270HIGHKernel: aoe: improper reference count leads to use-after-free vulnerabilityEPSS 0.4%CVE-2019-14845MEDIUMA vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hosEPSS 0.4%CVE-2023-4135MEDIUMOut-of-bounds read information disclosure vulnerabilityEPSS 0.4%CVE-2023-40549MEDIUMShim: out-of-bounds read in verify_buffer_authenticode() malformed pe fileEPSS 0.4%CVE-2025-14874HIGHNodemailer: nodemailer: denial of service via crafted email address headerEPSS 0.4%CVE-2023-42754MEDIUMKernel: ipv4: null pointer dereference in ipv4_send_dest_unreach()EPSS 0.4%CVE-2026-0964MEDIUMLibssh: improper sanitation of paths received from scp serversEPSS 0.4%CVE-2020-14332MEDIUMA flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensEPSS 0.4%CVE-2025-5372MEDIUMLibssh: incorrect return code handling in ssh_kdf() in libsshEPSS 0.4%CVE-2025-59088HIGHPython-kdcproxy: unauthenticated ssrf via realm‑controlled dns srvEPSS 0.4%CVE-2020-1746MEDIUMA flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 EPSS 0.4%CVE-2026-12725MEDIUMDnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey repliesEPSS 0.4%CVE-2026-34956MEDIUMOpenvswitch: open vswitch: denial of service via malformed ftp epasv commandEPSS 0.4%CVE-2026-2377MEDIUMMirror-registry: quay: quay: server-side request forgery via log export functionalityEPSS 0.4%CVE-2019-10183LOWVirt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interactioEPSS 0.4%CVE-2022-3248MEDIUMOpenshift api admission checks does not enforce "custom-host" permissionsEPSS 0.4%CVE-2020-1736LOWA flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destEPSS 0.4%CVE-2020-1733MEDIUMA race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unpriviEPSS 0.4%