Redhat Security Vulnerabilities (CVEs)

This CVE describes a template injection vulnerability in Ansible where unsafe template data can be executed, potentially allowing attackers to run arb...

This CVE-2023-5869 vulnerability in PostgreSQL allows authenticated database users to execute arbitrary code on the server through an integer overflow...

CVE-2023-6394 is an authentication bypass vulnerability in Quarkus where GraphQL operations over WebSocket connections are processed without proper ro...

An out-of-bounds read vulnerability in the Linux kernel's SMB client implementation allows local attackers to read kernel memory. This could lead to s...

Squid proxy server is vulnerable to a denial-of-service attack where remote attackers can crash the service by sending specially crafted ftp:// URLs i...

A vulnerability in Squid proxy server allows cached HTTP response headers to exceed configured size limits, causing worker process stalls or crashes w...

CVE-2023-5408 is a privilege escalation vulnerability in OpenShift's Kubernetes API server node restriction admission plugin. A remote attacker who ca...

This CVE describes a use-after-free vulnerability in the NVMe/TCP subsystem of the Linux kernel that could allow attackers to execute arbitrary code o...

This vulnerability allows unprivileged local users to escalate privileges to root by exploiting insecure temporary directory handling in insights-clie...

This CVE-2023-5367 is an out-of-bounds write vulnerability in xorg-x11-server that allows attackers to write beyond allocated heap buffers. It could l...

A use-after-free vulnerability in xorg-x11-server-Xvfb allows privilege escalation or denial of service when exploiting a specific legacy multi-screen...

An out-of-bounds write vulnerability in grub2's NTFS filesystem driver allows attackers to corrupt heap metadata by presenting a specially crafted NTF...

CVE-2023-5633 is a use-after-free vulnerability in VMware's 3D acceleration memory handling that allows local unprivileged users within a VMware guest...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server res...

This vulnerability in libX11's XCreateImage() function allows local users to trigger an integer overflow, potentially leading to arbitrary code execut...

This vulnerability in Open vSwitch allows ICMPv6 Neighbor Advertisement packets to bypass OpenFlow rules between virtual machines. A local attacker ca...

This CVE describes an HTML injection vulnerability in a Controller's user interface settings. Attackers can inject malicious HTML to create fake login...

This vulnerability in Ansible Automation Platform's ec2_key module exposes private keys in standard output when creating new keypairs. Attackers can e...

This vulnerability in Red Hat OpenShift Data Science exposes S3 credentials in plain text when exporting pipelines from the Elyra notebook pipeline ed...

CVE-2023-4911 is a buffer overflow vulnerability in the GNU C Library's dynamic loader (ld.so) that allows local attackers to exploit SUID binaries. B...

A vulnerability in MariaDB allows remote attackers to cause denial of service via port scans on ports 3306 and 4567. This affects MariaDB servers with...

This vulnerability in APICast's 3Scale OIDC module allows attackers to access unauthorized information from separate realms when token mismatches aren...

This CVE-2023-42753 is an array indexing vulnerability in the Linux kernel's netfilter subsystem that allows local attackers to perform out-of-bounds ...

This vulnerability in cri-o allows attackers to inject arbitrary lines into the /etc/passwd file using a specially crafted environment variable. This ...

This reflected cross-site scripting (XSS) vulnerability in Keycloak's 'oob' OAuth endpoint allows attackers to inject malicious scripts via crafted li...

CVE-2023-5156 is a memory leak vulnerability in the GNU C Library (glibc) introduced by a previous fix for CVE-2023-4806. This flaw can cause applicat...

CVE-2023-1260 is an authentication bypass vulnerability in Kubernetes kube-apiserver that allows authenticated attackers with specific permissions to ...

CVE-2022-3596 is an information disclosure vulnerability in OpenStack's undercloud that allows unauthenticated remote attackers to access sensitive da...

This vulnerability in Quarkus allows attackers to bypass HTTP security policies by using specially crafted character permutations in requests. Affecte...

This vulnerability in the Network Observability plugin for OpenShift console allows authentication bypass when Loki authToken configuration is not set...

CVE-2023-1108 is a denial-of-service vulnerability in Undertow's SSL/TLS implementation where an infinite loop in the handshake process can crash the ...

CVE-2023-2680 is a use-after-free vulnerability in qemu-kvm virtualization software that occurs due to an incomplete fix for CVE-2021-3750. This allow...

CVE-2022-1415 is a deserialization vulnerability in Drools core utility classes that allows authenticated attackers to execute arbitrary code on affec...

This SQL injection vulnerability in PostgreSQL allows attackers with database-level CREATE privilege to execute arbitrary code as the bootstrap superu...

This vulnerability allows a local user to trigger an out-of-bounds memory access in the Linux kernel's TUN/TAP device driver by sending malicious over...

This vulnerability in Keylime's registrar component allows remote attackers to cause a denial of service by exhausting all available SSL connections d...

This CVE describes a use-after-free vulnerability in the Linux kernel's virtual console screen driver (vc_screen). An attacker with local user access ...

A race condition vulnerability in the Linux kernel's vmwgfx driver allows improper handling of GEM objects due to insufficient locking. This enables a...

This CVE describes an infinite loop vulnerability in Samba's mdssvc RPC service for Spotlight. Attackers can send specially crafted RPC packets with a...

This Linux kernel vulnerability allows attackers to exploit incorrect lock handling in virtual memory area management, leading to use-after-free condi...

A heap buffer overflow vulnerability in sox's lsx_readbuf function allows attackers to write beyond allocated memory boundaries. This can lead to deni...

A heap buffer overflow vulnerability in sox's hcom.c file allows attackers to write beyond allocated memory boundaries. This can lead to denial of ser...

This CVE describes a compliance issue in Red Hat OpenShift Container Platform where, when FIPS mode is enabled, not all cryptographic modules used are...

A memory corruption vulnerability in libX11 allows malicious X servers or man-in-the-middle proxies to crash X11 client applications. The flaw occurs ...

This CVE describes a use-after-free vulnerability in Apple's WebKit browser engine that could allow arbitrary code execution when processing malicious...

CVE-2023-2454 is a PostgreSQL vulnerability where the schema_element function can bypass protective search_path changes, allowing authenticated attack...

An integer overflow vulnerability in libcap's _libcap_strdup() function allows memory corruption when processing extremely large strings (close to 4GB...