Vulnerabilities in RED HAT

1,478 results
| CVE | Severity | Description | EPSS |
| --- | --- | --- | --- |
| CVE-2020-10755 | MEDIUM | An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions | 1.2% |
| CVE-2020-14307 | MEDIUM | A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations a | 1.2% |
| CVE-2020-14297 | MEDIUM | A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accum | 1.2% |
| CVE-2025-7424 | HIGH | Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes | 1.2% |
| CVE-2018-14655 | MEDIUM | A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary | 1.2% |
| CVE-2024-12243 | MEDIUM | Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos | 1.2% |
| CVE-2019-14843 | HIGH | A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used | 1.2% |
| CVE-2020-1720 | LOW | A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated | 1.2% |
| CVE-2023-34968 | MEDIUM | Samba: spotlight server-side share path disclosure | 1.2% |
| CVE-2025-32988 | MEDIUM | Gnutls: vulnerability in gnutls othername san export | 1.2% |
| CVE-2024-2947 | HIGH | Cockpit: command injection when deleting a sosreport with a crafted name | 1.2% |
| CVE-2025-32989 | MEDIUM | Gnutls: vulnerability in gnutls sct extension parsing | 1.2% |
| CVE-2025-12543 | CRITICAL | Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf | 1.2% |
| CVE-2023-4091 | MEDIUM | Samba: smb clients can truncate files with read-only permissions | 1.2% |
| CVE-2023-40661 | MEDIUM | Opensc: multiple memory issues with pkcs15-init (enrollment tool) | 1.2% |
| CVE-2020-25662 | MEDIUM | A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initializa | 1.2% |
| CVE-2024-5564 | HIGH | Libndp: buffer overflow in route information length field | 1.2% |
| CVE-2025-12548 | CRITICAL | Github.com/che-incubator/che-code: eclipse che — unauthenticated rce and secret exfiltration via tcp/3333 | 1.2% |
| CVE-2017-15113 | HIGH | ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can | 1.2% |
| CVE-2018-14657 | MEDIUM | A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOTP enabled, an improper implementation of the Brute Force detection algorithm | 1.2% |