Vulnerabilities in RED HAT

1,517 results
CVE-2026-9791MEDIUMKeycloak-rhel9: organization data leak after feature disabled in keycloakEPSS 0.2%CVE-2026-9689MEDIUMKeycloak: org.keycloak.protocol.oidc: http parameter pollution in oidc redirect uri allows response parameter duplication - #ghi-604EPSS 0.2%CVE-2026-11791MEDIUM389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()EPSS 0.2%CVE-2022-3466MEDIUMCri-o: security regression of cve-2022-27652EPSS 0.2%CVE-2023-4910MEDIUM3scale-admin-portal: logged out users tokens can be accessedEPSS 0.2%CVE-2025-0736MEDIUMOrg.infinispan-infinispan-parent: exposure of sensitive information in application logsEPSS 0.2%CVE-2024-45783MEDIUMGrub2: fs/hfs+: refcount can be decremented twiceEPSS 0.2%CVE-2025-4374MEDIUMQuay: incorrect privilege assignmentEPSS 0.2%CVE-2023-3397HIGHKernel: slab-use-after-free write in txend due to race conditionEPSS 0.2%CVE-2026-40916MEDIUMGimp: gimp: denial of service due to stack buffer overflow in tim image loaderEPSS 0.2%CVE-2026-1764MEDIUMLocalsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leads to denial of service or information disclosure when parsing mp3 filesEPSS 0.2%CVE-2023-4394MEDIUMMemory leak in btrfs_get_dev_args_from_path()EPSS 0.2%CVE-2019-10157MEDIUMIt was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backEPSS 0.2%CVE-2025-57849MEDIUMFuse: privilege escalation via excessive /etc/passwd permissionsEPSS 0.2%CVE-2026-3632LOWLibsoup: libsoup: http smuggling and server-side request forgery via malformed hostnamesEPSS 0.2%CVE-2025-7738MEDIUMPython3.11-django-ansible-base: sensitive authenticator secrets returned in clear text via api in aapEPSS 0.2%CVE-2023-26590MEDIUMFloating point exception in src/aiff.cEPSS 0.2%CVE-2024-3716MEDIUMForeman-installer: candlepin database password being leaked to local users via the process listEPSS 0.2%CVE-2026-9798MEDIUMKeycloak: keycloak: brute-force protection bypass in ciba flowEPSS 0.2%CVE-2026-53701MEDIUMGstreamer1-plugins-bad-free: gstreamer: out-of-bounds write in h.266/vvc pps picture partition parserEPSS 0.2%