Filtered by vendor Redhat
Subscriptions
Total
22863 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47287 | 1 Redhat | 5 Enterprise Linux, Rhel E4s, Rhel Els and 2 more | 2025-05-29 | 7.5 High |
| Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy. | ||||
| CVE-2025-1118 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-05-29 | 4.4 Medium |
| A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory. | ||||
| CVE-2025-0677 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-05-29 | 6.4 Medium |
| A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms. | ||||
| CVE-2025-0622 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-05-29 | 6.4 Medium |
| A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections. | ||||
| CVE-2024-5564 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-05-28 | 8.1 High |
| A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information. | ||||
| CVE-2022-41222 | 5 Canonical, Debian, Linux and 2 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2025-05-28 | 7 High |
| mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | ||||
| CVE-2022-41218 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-05-28 | 5.5 Medium |
| In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. | ||||
| CVE-2022-38178 | 5 Debian, Fedoraproject, Isc and 2 more | 8 Debian Linux, Fedora, Bind and 5 more | 2025-05-28 | 7.5 High |
| By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | ||||
| CVE-2022-38177 | 5 Debian, Fedoraproject, Isc and 2 more | 8 Debian Linux, Fedora, Bind and 5 more | 2025-05-28 | 7.5 High |
| By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | ||||
| CVE-2025-4057 | 1 Redhat | 2 Amq Broker, Rhosemc | 2025-05-28 | 5.5 Medium |
| A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies. | ||||
| CVE-2025-31215 | 2 Apple, Redhat | 11 Ipados, Iphone Os, Macos and 8 more | 2025-05-28 | 6.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-4919 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2025-05-28 | 8.8 High |
| An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | ||||
| CVE-2025-4918 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2025-05-28 | 7.5 High |
| An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | ||||
| CVE-2025-23166 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2025-05-28 | N/A |
| The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary to remotely crash a Node.js runtime. | ||||
| CVE-2025-23165 | 1 Redhat | 1 Enterprise Linux | 2025-05-28 | N/A |
| In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Impact: * This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22. | ||||
| CVE-2025-46420 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2025-05-27 | 6.5 Medium |
| A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes. | ||||
| CVE-2025-32051 | 1 Redhat | 1 Enterprise Linux | 2025-05-27 | 5.9 Medium |
| A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS). | ||||
| CVE-2025-31257 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2025-05-27 | 4.7 Medium |
| This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2022-37026 | 2 Erlang, Redhat | 2 Erlang\/otp, Openstack | 2025-05-27 | 9.8 Critical |
| In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. | ||||
| CVE-2025-3359 | 1 Redhat | 1 Enterprise Linux | 2025-05-27 | 6.2 Medium |
| A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. | ||||