Vulnerabilities in RED HAT

1,513 results
CVE-2026-1767 | MEDIUM | Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leading to denial of service or information disclosure via malformed mp3 id3 tags | EPSS 0.2%
CVE-2026-12706 | MEDIUM | Ffmpeg: ffmpeg: heap use-after-free read in rasc decoder decode_move() | EPSS 0.2%
CVE-2019-19351 | HIGH | An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the | EPSS 0.2%
CVE-2026-3442 | MEDIUM | Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker | EPSS 0.2%
CVE-2023-4387 | HIGH | Kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() | EPSS 0.2%
CVE-2020-1706 | HIGH | It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers | EPSS 0.2%
CVE-2026-56210 | HIGH | Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id | EPSS 0.2%
CVE-2019-19355 | HIGH | An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access | EPSS 0.2%
CVE-2026-11611 | MEDIUM | 389-ds-base: 389-ds-base: content sync plugin unbounded queue growth and race conditions | EPSS 0.2%
CVE-2026-12975 | HIGH | Apicurio/apicurio-registry: apicurio-registry: unhardened saxparser in content-type detection leads to blind xxe / ssrf / billion-laughs dos | EPSS 0.2%
CVE-2025-0577 | MEDIUM | Glibc: vdso getrandom acceleration may return predictable randomness | EPSS 0.2%
CVE-2024-45774 | MEDIUM | Grub2: reader/jpeg: heap oob write during jpeg parsing | EPSS 0.2%
CVE-2024-12369 | MEDIUM | Elytron-oidc-client: oidc authorization code injection | EPSS 0.2%
CVE-2026-32589 | HIGH | Mirror-registry: quay: insecure direct object reference in blobupload | EPSS 0.2%
CVE-2025-5416 | LOW | Keycloak-core: keycloak environment information | EPSS 0.2%
CVE-2024-8235 | MEDIUM | Libvirt: crash of virtinterfaced via virconnectlistinterfaces() | EPSS 0.2%
CVE-2023-39328 | MEDIUM | Openjpeg: denial of service via crafted image file | EPSS 0.2%
CVE-2023-2680 | HIGH | Dma reentrancy issue (incomplete fix for cve-2021-3750) | EPSS 0.2%
CVE-2026-2092 | HIGH | Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions | EPSS 0.2%
CVE-2026-4629 | MEDIUM | Keycloak: keycloak: privilege escalation through hardcoded role mapper injection | EPSS 0.2%