Vulnerabilities in RED HAT

1,514 results
CVE-2024-4812 | MEDIUM | Katello: potential cross-site scripting exploit in ui | EPSS 0.3%
CVE-2025-49180 | HIGH | Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension | EPSS 0.3%
CVE-2023-5056 | MEDIUM | Skupper-operator: privilege escalation via config map | EPSS 0.3%
CVE-2024-7730 | HIGH | Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb() | EPSS 0.3%
CVE-2026-56209 | HIGH | Libaom: libaom: arbitrary address write via svc layer context oob and cyclic refresh map pointer hijack | EPSS 0.3%
CVE-2013-0266 | MEDIUM | Puppetlabs-cinder: packstack: openstack: puppetlabs-cinder: information disclosure of openstack administrative passwords due to world-readable configuration files. | EPSS 0.3%
CVE-2025-12110 | MEDIUM | Keycloak: org.keycloak:keycloak-services: user can refresh offline session even after client's offline_access scope was removed | EPSS 0.3%
CVE-2019-10205 | MEDIUM | A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker able to perform database queries in the Red | EPSS 0.3%
CVE-2026-5142 | MEDIUM | Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass | EPSS 0.3%
CVE-2024-1151 | MEDIUM | Kernel: stack overflow problem in open vswitch kernel module leading to dos | EPSS 0.3%
CVE-2024-8775 | MEDIUM | Ansible-core: exposure of sensitive information in ansible vault files due to improper logging | EPSS 0.3%
CVE-2026-58013 | MEDIUM | Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend" | EPSS 0.3%
CVE-2024-1048 | LOW | Grub2: grub2-set-bootflag can be abused by local (pseudo-)users | EPSS 0.3%
CVE-2025-0678 | HIGH | Grub2: squash4: integer overflow may lead to heap based out-of-bounds write when reading data | EPSS 0.3%
CVE-2025-6920 | MEDIUM | Ai-inference-server: authentication bypass via unprotected inference endpoint in api | EPSS 0.3%
CVE-2025-62230 | HIGH | Xorg: xwayland: use-after-free in xkb client resource removal | EPSS 0.3%
CVE-2026-9792 | MEDIUM | Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition | EPSS 0.3%
CVE-2026-9705 | MEDIUM | Keycloak: keycloak: attacker can re-enable and take over disabled clients via registration access token | EPSS 0.3%
CVE-2024-10973 | MEDIUM | Keycloak: cli option for encrypted jgroups ignored | EPSS 0.3%
CVE-2022-4318 | HIGH | Cri-o: /etc/passwd tampering privesc | EPSS 0.3%