Filtered by vendor Redhat
Subscriptions
Total
22972 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2240 | 1 Redhat | 9 Apache Camel Spring Boot, Apicurio Registry, Camel Quarkus and 6 more | 2025-08-04 | 7.5 High |
| A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue. | ||||
| CVE-2024-31420 | 1 Redhat | 1 Container Native Virtualization | 2025-08-04 | 6.5 Medium |
| A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine. | ||||
| CVE-2023-5090 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-08-04 | 6 Medium |
| A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. | ||||
| CVE-2024-2182 | 1 Redhat | 1 Enterprise Linux | 2025-08-04 | 6.5 Medium |
| A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. | ||||
| CVE-2023-6610 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Logging and 2 more | 2025-08-04 | 7.1 High |
| An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. | ||||
| CVE-2023-6606 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 5 more | 2025-08-04 | 7.1 High |
| An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. | ||||
| CVE-2023-6536 | 3 Debian, Linux, Redhat | 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more | 2025-08-04 | 6.5 Medium |
| A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. | ||||
| CVE-2023-6535 | 2 Linux, Redhat | 19 Linux Kernel, Codeready Linux Builder Eus, Codeready Linux Builder Eus For Power Little Endian Eus and 16 more | 2025-08-04 | 6.5 Medium |
| A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. | ||||
| CVE-2023-6356 | 3 Debian, Linux, Redhat | 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more | 2025-08-04 | 6.5 Medium |
| A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. | ||||
| CVE-2024-52337 | 1 Redhat | 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more | 2025-08-04 | 5.5 Medium |
| A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned's D-Bus interface for such operations. | ||||
| CVE-2024-12133 | 1 Redhat | 4 Discovery, Enterprise Linux, Openshift and 1 more | 2025-08-03 | 5.3 Medium |
| A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack. | ||||
| CVE-2024-2236 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2025-08-03 | 5.9 Medium |
| A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. | ||||
| CVE-2023-7192 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-08-03 | 5.5 Medium |
| A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | ||||
| CVE-2023-4459 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-08-03 | 5.5 Medium |
| A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. | ||||
| CVE-2025-24855 | 1 Redhat | 7 Enterprise Linux, Openshift, Rhel Aus and 4 more | 2025-08-02 | 7.8 High |
| numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. | ||||
| CVE-2024-52046 | 2 Apache, Redhat | 2 Mina, Apache Camel Spring Boot | 2025-08-02 | 9.8 Critical |
| The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process by sending specially crafted malicious serialized data, potentially leading to remote code execution (RCE) attacks. This issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4. It's also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library. Upgrading will not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods: /** * Accept class names where the supplied ClassNameMatcher matches for * deserialization, unless they are otherwise rejected. * * @param classNameMatcher the matcher to use */ public void accept(ClassNameMatcher classNameMatcher) /** * Accept class names that match the supplied pattern for * deserialization, unless they are otherwise rejected. * * @param pattern standard Java regexp */ public void accept(Pattern pattern) /** * Accept the wildcard specified classes for deserialization, * unless they are otherwise rejected. * * @param patterns Wildcard file name patterns as defined by * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch} */ public void accept(String... patterns) By default, the decoder will reject *all* classes that will be present in the incoming data. Note: The FtpServer, SSHd and Vysper sub-project are not affected by this issue. | ||||
| CVE-2025-1634 | 1 Redhat | 3 Amq Streams, Camel Quarkus, Quarkus | 2025-08-01 | 7.5 High |
| A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError. | ||||
| CVE-2024-10963 | 1 Redhat | 4 Enterprise Linux, Openshift, Openshift Ai and 1 more | 2025-08-01 | 7.4 High |
| A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals. | ||||
| CVE-2024-3183 | 1 Redhat | 9 Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Eus and 6 more | 2025-08-01 | 8.1 High |
| A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). | ||||
| CVE-2025-49177 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2025-08-01 | 6.1 Medium |
| A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests. | ||||