Vulnerabilities in RED HAT

1,513 results
CVE-2024-7259MEDIUMOvirt-engine: potential exposure of cleartext provider passwords via web uiEPSS 0.3%CVE-2025-11731LOWLibxslt: type confusion in exsltfuncresultcompfunction of libxsltEPSS 0.3%CVE-2023-6915MEDIUMKernel: null pointer dereference vulnerability in ida_free in lib/idr.cEPSS 0.3%CVE-2026-11792LOW389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string)EPSS 0.3%CVE-2023-6039MEDIUMKernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnectEPSS 0.3%CVE-2026-0716MEDIUMLibsoup: out-of-bounds read in libsoup websocket frame processingEPSS 0.3%CVE-2023-4641MEDIUMShadow-utils: possible password leak during passwd(1) changeEPSS 0.3%CVE-2023-3972HIGHInsights-client: unsafe handling of temporary files and directoriesEPSS 0.3%CVE-2026-32591MEDIUMMirror-registry: quay: server-side request forgery in proxy cache upstream registry configurationEPSS 0.3%CVE-2020-10744MEDIUMAn incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from becomeEPSS 0.3%CVE-2023-4611HIGHUse after free race between mbind() and vma-locked page faultEPSS 0.3%CVE-2023-4132MEDIUMKernel: smsusb: use-after-free caused by do_submit_urb()EPSS 0.3%CVE-2023-4389HIGHKernel: btrfs: double free in btrfs_get_root_ref()EPSS 0.3%CVE-2024-0562HIGHKernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.cEPSS 0.3%CVE-2026-1530HIGHFog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validationEPSS 0.3%CVE-2026-5119MEDIUMLibsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishmentEPSS 0.3%CVE-2025-8941HIGHLinux-pam: incomplete fix for cve-2025-6020EPSS 0.3%CVE-2025-0686MEDIUMGrub2: romfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading datEPSS 0.3%CVE-2025-0685MEDIUMGrub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dataEPSS 0.3%CVE-2026-37977LOWKeycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claimEPSS 0.3%