Vulnerabilities in RED HAT
1,490 resultsCVE-2026-6857HIGHCamel-infinispan: camel-infinispan: remote code execution via unsafe deserializationEPSS 0.7%CVE-2025-32050MEDIUMLibsoup: integer overflow in append_param_quotedEPSS 0.7%CVE-2020-1732MEDIUMA flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption acrossEPSS 0.7%CVE-2023-4273MEDIUMKernel: exfat: stack overflow in exfat_get_uniname_from_ext_entryEPSS 0.7%CVE-2023-39176MEDIUMKernel: ksmbd: transform header out-of-bounds read information disclosure vulnerabilityEPSS 0.7%CVE-2023-3748LOWInifinite loop in babld message parsing may cause dosEPSS 0.7%CVE-2019-10146MEDIUMA Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service EPSS 0.7%CVE-2017-2627HIGHA flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP'EPSS 0.7%CVE-2026-23536HIGHFeast: unauthenticated arbitrary file readEPSS 0.7%CVE-2022-1438MEDIUMKeycloak: xss on impersonation under specific circumstancesEPSS 0.7%CVE-2023-4727HIGHCa: token authentication bypass vulnerabilityEPSS 0.7%CVE-2024-6861HIGHForeman: foreman: oauth secret exposure via unauthenticated access to the graphql apiEPSS 0.7%CVE-2025-11419HIGHKeycloak: keycloak tls client-initiated renegotiation denial of serviceEPSS 0.7%CVE-2024-9622MEDIUMResteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4EPSS 0.7%CVE-2024-10234MEDIUMWildfly: wildfly vulnerable to cross-site scripting (xss)EPSS 0.7%CVE-2024-6505MEDIUMQemu-kvm: virtio-net: queue index out-of-bounds access in software rssEPSS 0.7%CVE-2025-8067HIGHUdisks: out-of-bounds read in udisks daemonEPSS 0.7%CVE-2025-2559MEDIUMOrg.keycloak/keycloak-services: jwt token cache exhaustion leading to denial of service (dos) in keycloakEPSS 0.6%CVE-2024-5967LOWKeycloak: leak of configured ldap bind credentials through the keycloak admin consoleEPSS 0.6%CVE-2025-23367MEDIUMOrg.wildfly.core:wildfly-server: wildfly improper rbac permissionEPSS 0.6%