Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15514 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2900 | 2 Ibm, Redhat | 2 Semeru Runtime, Enterprise Linux | 2025-08-28 | 7.5 High |
| IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation. | ||||
| CVE-2024-43499 | 4 Apple, Linux, Microsoft and 1 more | 6 Macos, Linux Kernel, .net and 3 more | 2025-08-27 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2020-36518 | 5 Debian, Fasterxml, Netapp and 2 more | 49 Debian Linux, Jackson-databind, Active Iq Unified Manager and 46 more | 2025-08-27 | 7.5 High |
| jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | ||||
| CVE-2019-12814 | 3 Debian, Fasterxml, Redhat | 12 Debian Linux, Jackson-databind, Amq Streams and 9 more | 2025-08-27 | 5.9 Medium |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server. | ||||
| CVE-2023-38545 | 5 Fedoraproject, Haxx, Microsoft and 2 more | 19 Fedora, Libcurl, Windows 10 1809 and 16 more | 2025-08-27 | 8.8 High |
| This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with. | ||||
| CVE-2020-10673 | 5 Debian, Fasterxml, Netapp and 2 more | 41 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 38 more | 2025-08-27 | 8.8 High |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). | ||||
| CVE-2023-3899 | 2 Fedoraproject, Redhat | 24 Fedora, Enterprise Linux, Enterprise Linux Desktop and 21 more | 2025-08-27 | 7.8 High |
| A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root. | ||||
| CVE-2025-0650 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-08-27 | 8.1 High |
| A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network. | ||||
| CVE-2024-31082 | 1 Redhat | 1 Enterprise Linux | 2025-08-27 | 7.3 High |
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | ||||
| CVE-2024-3019 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2025-08-27 | 8.8 High |
| A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. | ||||
| CVE-2024-0582 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-08-27 | 7.8 High |
| A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2023-4147 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2025-08-27 | 7.8 High |
| A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. | ||||
| CVE-2024-21145 | 3 Netapp, Oracle, Redhat | 15 Bluexp, Cloud Insights Storage Workload Security Agent, Oncommand Insight and 12 more | 2025-08-26 | 4.8 Medium |
| Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). | ||||
| CVE-2024-31227 | 2 Redhat, Redis | 2 Enterprise Linux, Redis | 2025-08-26 | 4.4 Medium |
| Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-2314 | 3 Iovisor, Linux, Redhat | 3 Bpf Compiler Collection, Linux Kernel, Enterprise Linux | 2025-08-26 | 2.8 Low |
| If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. | ||||
| CVE-2008-0888 | 5 Apple, Canonical, Debian and 2 more | 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more | 2025-08-26 | N/A |
| The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data. | ||||
| CVE-2023-45802 | 4 Apache, Debian, Fedoraproject and 1 more | 6 Http Server, Debian Linux, Fedora and 3 more | 2025-08-25 | 5.9 Medium |
| When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. | ||||
| CVE-2022-1615 | 3 Fedoraproject, Redhat, Samba | 5 Fedora, Enterprise Linux, Rhel Eus and 2 more | 2025-08-22 | 5.5 Medium |
| In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. | ||||
| CVE-2025-5351 | 2 Libssh, Redhat | 4 Libssh, Enterprise Linux, Openshift and 1 more | 2025-08-22 | 4.2 Medium |
| A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed. | ||||
| CVE-2018-25032 | 13 Apple, Azul, Debian and 10 more | 47 Mac Os X, Macos, Zulu and 44 more | 2025-08-21 | 7.5 High |
| zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||||