Redhat Security Vulnerabilities (CVEs)

An authenticated user can inject malicious input into GraphQL queries in Red Hat Developer Hub's Orchestrator Plugin, causing the entire Backstage app...

A local privilege escalation vulnerability in udisks allows unprivileged users to trigger the root-owned daemon to overwrite LUKS encryption headers. ...

A denial-of-service vulnerability in Nodemailer allows attackers to crash email-sending applications by sending specially crafted email addresses that...

This vulnerability in GLib's GIO component allows heap buffer overflow and denial-of-service via integer overflow when processing malicious file attri...

A buffer-underflow vulnerability in GLib's GVariant parser allows remote attackers to cause heap corruption by sending maliciously crafted input strin...

A vulnerability in ansible-collection-community-general exposes plaintext passwords in verbose output when running Ansible with debug modes. Attackers...

A heap-based buffer overflow vulnerability in glib's g_escape_uri_string() function allows attackers to write beyond allocated memory boundaries when ...

This vulnerability in Ceph's RGW (RADOS Gateway) allows attackers to cause a denial-of-service by sending a specific S3 API request with an empty stri...

This vulnerability in Undertow allows malicious clients to send malformed requests that trigger server-side stream resets without incrementing abuse c...

A privilege escalation vulnerability in Keycloak allows administrative users with the manage-users role to elevate their privileges to realm-admin whe...

A type confusion vulnerability in libxslt's psvi memory field allows attackers to crash applications or corrupt memory during XML transformations. Thi...

This CVE describes a heap-buffer-overflow vulnerability in GnuTLS's certtool utility when parsing template files. An attacker can trigger memory corru...

A heap-buffer-overread vulnerability in GnuTLS allows attackers to create malicious certificates with malformed Certificate Transparency extensions th...

A vulnerability in libssh versions built with OpenSSL <3.0 causes the ssh_kdf() function to incorrectly report successful key derivation when it actua...

CVE-2025-6920 is an authentication bypass vulnerability in ai-inference-server's model inference API. The POST /invocations endpoint fails to validate...

This vulnerability in Infinispan CLI exposes sensitive passwords in error messages when commands fail. Attackers could potentially capture passwords b...

This vulnerability in libssh allows an authenticated remote attacker to trigger an out-of-bounds read in the sftp_handle function, potentially exposin...

This CVE describes an integer overflow vulnerability in libxml2's xmlBuildQName function that can cause stack-based buffer overflow when processing ma...

This CVE describes an integer overflow vulnerability in libarchive's RAR handling function that leads to a double-free condition. Attackers can exploi...

This vulnerability in systemd-coredump allows attackers to exploit a race condition to access privileged process coredumps. By forcing a SUID process ...

This vulnerability in Pagure server allows authenticated malicious users to create symbolic links in git repositories that expose files outside the re...

A privilege escalation vulnerability in Quay container registry allows users or robots to gain administrative permissions on newly created repositorie...

A NULL pointer dereference vulnerability exists in fig2dev's genge_itp_spline function, allowing local attackers to cause denial of service through in...

A buffer overflow vulnerability in xfig's bezier_spline function allows local attackers to execute arbitrary code by manipulating input. This affects ...

CVE-2025-3155 is a vulnerability in Yelp (the GNOME help application) that allows malicious help documents to execute arbitrary scripts. This could en...

CVE-2025-2784 is a heap buffer over-read vulnerability in libsoup's skip_insight_whitespace() function. When processing a malicious HTTP response, lib...

This vulnerability in WildFly Elytron integration allows attackers to perform brute force attacks against CLI authentication due to insufficient rate ...

A heap-based buffer overflow vulnerability in grub2's squash4 filesystem module allows attackers to execute arbitrary code by crafting malicious files...

A stack overflow vulnerability in GRUB2's BFS filesystem parser allows an attacker to crash the bootloader by providing a specially crafted BFS filesy...

This vulnerability in the HFS filesystem driver allows attackers to trigger a heap-based buffer overflow by providing a specially crafted volume name....

MongoDB Compass versions before 1.42.1 are vulnerable to local privilege escalation when a malicious file is placed in the C:\node_modules\ directory....

MongoDB Shell (mongosh) versions before 2.3.0 are vulnerable to local privilege escalation when a malicious file is placed in C:\node_modules\. This a...

This CVE describes an uninitialized pointer vulnerability in X.Org and Xwayland display servers. When compCheckRedirect() fails to allocate a backing ...

A use-after-free vulnerability in X.Org and Xwayland allows attackers to potentially execute arbitrary code or cause denial of service when a device i...

A use-after-free vulnerability in X.Org and Xwayland allows attackers to potentially execute arbitrary code or cause denial of service. This affects s...

A use-after-free vulnerability in X.Org and Xwayland allows attackers to potentially crash the X server or execute arbitrary code by freeing the root ...

A stack-based buffer overflow vulnerability in X.Org and Xwayland allows attackers to execute arbitrary code or cause denial of service. This affects ...

A heap buffer overflow vulnerability in X.Org and Xwayland allows attackers to write beyond allocated memory boundaries. This affects systems using X1...

A buffer overflow vulnerability in X.Org and Xwayland allows attackers to execute arbitrary code or cause denial of service by exploiting improper mem...

This CVE describes an out-of-bounds write vulnerability in X.Org and Xwayland where the GetBarrierDevice() function incorrectly returns the last eleme...

This vulnerability in grub2 allows attackers to trigger an out-of-bounds write when processing language files, potentially overwriting sensitive heap ...

This OpenSSH vulnerability allows machine-in-the-middle attacks when VerifyHostKeyDNS is enabled. Attackers can impersonate legitimate servers by expl...

This vulnerability allows users with Monitor or Auditor roles in Wildfly Server to suspend or resume the server despite having only read permissions. ...

This CVE describes a cross-site scripting (XSS) vulnerability in the HAL Console of Wildfly's management interface. Authenticated users with SuperUser...

This vulnerability in rsync allows attackers to leak uninitialized stack memory one byte at a time by manipulating checksum length during file compari...

This rsync vulnerability allows a malicious server to read arbitrary files from a client's machine during file transfer operations. Attackers can reco...

A path traversal vulnerability in rsync's --safe-links option allows attackers to write files outside intended directories when the client fails to pr...

This vulnerability in mutt and neomutt email clients allows attackers to reuse signed but unencrypted email messages by manipulating the In-Reply-To h...