Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15354 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49178 | 1 Redhat | 2 Enterprise Linux, Rhel Aus | 2025-06-30 | 5.5 Medium |
| A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service. | ||||
| CVE-2024-10041 | 2 Linux-pam, Redhat | 3 Linux-pam, Enterprise Linux, Rhel Eus | 2025-06-30 | 4.7 Medium |
| A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. | ||||
| CVE-2025-49180 | 1 Redhat | 2 Enterprise Linux, Rhel Aus | 2025-06-30 | 7.8 High |
| A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. | ||||
| CVE-2025-49179 | 1 Redhat | 2 Enterprise Linux, Rhel Aus | 2025-06-30 | 7.3 High |
| A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks. | ||||
| CVE-2025-49176 | 1 Redhat | 2 Enterprise Linux, Rhel Aus | 2025-06-30 | 7.3 High |
| A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check. | ||||
| CVE-2025-49175 | 1 Redhat | 2 Enterprise Linux, Rhel Aus | 2025-06-30 | 6.1 Medium |
| A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. | ||||
| CVE-2024-11218 | 1 Redhat | 7 Enterprise Linux, Openshift, Openshift Ironic and 4 more | 2025-06-30 | 8.6 High |
| A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. | ||||
| CVE-2023-46218 | 3 Fedoraproject, Haxx, Redhat | 7 Fedora, Curl, Enterprise Linux and 4 more | 2025-06-30 | 6.5 Medium |
| This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. | ||||
| CVE-2023-38709 | 7 Apache, Apple, Broadcom and 4 more | 9 Http Server, Macos, Fabric Operating System and 6 more | 2025-06-30 | 7.3 High |
| Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. | ||||
| CVE-2024-24795 | 7 Apache, Apple, Broadcom and 4 more | 8 Http Server, Macos, Fabric Operating System and 5 more | 2025-06-30 | 6.3 Medium |
| HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. | ||||
| CVE-2024-25580 | 2 Qt, Redhat | 2 Qt, Enterprise Linux | 2025-06-30 | 6.2 Medium |
| An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file. | ||||
| CVE-2024-1936 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Thunderbird, Enterprise Linux and 4 more | 2025-06-30 | 7.5 High |
| The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects Thunderbird < 115.8.1. | ||||
| CVE-2025-49177 | 1 Redhat | 1 Enterprise Linux | 2025-06-30 | 6.1 Medium |
| A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests. | ||||
| CVE-2025-5791 | 1 Redhat | 3 Enterprise Linux, Openshift, Trusted Profile Analyzer | 2025-06-30 | 7.1 High |
| A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list. | ||||
| CVE-2025-6019 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2025-06-30 | 7 High |
| A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. | ||||
| CVE-2023-26590 | 3 Fedoraproject, Redhat, Sound Exchange Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2025-06-27 | 6.2 Medium |
| A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service. | ||||
| CVE-2023-32627 | 3 Fedoraproject, Redhat, Sound Exchange Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2025-06-27 | 6.2 Medium |
| A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service. | ||||
| CVE-2023-34318 | 3 Fedoraproject, Redhat, Sound Exchange Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2025-06-27 | 7.8 High |
| A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure. | ||||
| CVE-2022-3077 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-06-27 | 5.5 Medium |
| A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system. | ||||
| CVE-2024-41013 | 1 Redhat | 1 Enterprise Linux | 2025-06-27 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to make sure don't stray beyond valid memory region. Before patching, the loop simply checks that the start offset of the dup and dep is within the range. So in a crafted image, if last entry is xfs_dir2_data_unused, we can change dup->length to dup->length-1 and leave 1 byte of space. In the next traversal, this space will be considered as dup or dep. We may encounter an out of bound read when accessing the fixed members. In the patch, we make sure that the remaining bytes large enough to hold an unused entry before accessing xfs_dir2_data_unused and xfs_dir2_data_unused is XFS_DIR2_DATA_ALIGN byte aligned. We also make sure that the remaining bytes large enough to hold a dirent with a single-byte name before accessing xfs_dir2_data_entry. | ||||