Vulnerabilities in RED HAT

1,512 results
CVE-2025-8277 | LOW | Libssh: memory exhaustion via repeated key exchange in libssh | EPSS 0.4%
CVE-2026-40915 | MEDIUM | Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader | EPSS 0.4%
CVE-2020-1740 | LOW | A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another | EPSS 0.4%
CVE-2025-32910 | MEDIUM | Libsoup: null pointer dereference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication | EPSS 0.4%
CVE-2025-32912 | MEDIUM | Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication | EPSS 0.4%
CVE-2025-1125 | HIGH | Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write | EPSS 0.4%
CVE-2020-1698 | MEDIUM | A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. | EPSS 0.4%
CVE-2026-11807 | CRITICAL | Eda-server: websocket missing authorization allows credential theft via activation_id spoofing | EPSS 0.4%
CVE-2025-47712 | MEDIUM | Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service | EPSS 0.4%
CVE-2025-7039 | LOW | Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() | EPSS 0.4%
CVE-2026-37981 | MEDIUM | Keycloak: org.keycloak.authorization: keycloak: information disclosure via broken access control in user lookup endpoint | EPSS 0.4%
CVE-2026-1190 | LOW | Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata | EPSS 0.4%
CVE-2025-26599 | HIGH | Xorg: xwayland: use of uninitialized pointer in compredirectwindow() | EPSS 0.4%
CVE-2025-26598 | HIGH | Xorg: xwayland: out-of-bounds write in createpointerbarrierclient() | EPSS 0.4%
CVE-2025-3910 | MEDIUM | Org.keycloak.authentication: two factor authentication bypass | EPSS 0.4%
CVE-2025-7784 | MEDIUM | Org.keycloak/keycloak-services: privilege escalation in keycloak admin console (fgapv2 enabled) | EPSS 0.4%
CVE-2022-4900 | MEDIUM | Potential buffer overflow in php_cli_server_startup_workers | EPSS 0.4%
CVE-2026-37979 | MEDIUM | Keycloak: keycloak: information disclosure via oidc token introspection endpoint audience bypass | EPSS 0.4%
CVE-2025-1057 | MEDIUM | Keylime: keylime registrar dos due to incompatible database entry handling | EPSS 0.4%
CVE-2023-43788 | MEDIUM | Libxpm: out of bounds read in xpmcreatexpmimagefrombuffer() | EPSS 0.4%