Vulnerabilities in RED HAT

1,478 results
CVE-2023-6779 | HIGH | Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() | EPSS 3.1%
CVE-2020-10711 | MEDIUM | A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing t | EPSS 3.1%
CVE-2018-10911 | MEDIUM | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this fla | EPSS 3.1%
CVE-2019-19344 | MEDIUM | There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x ver | EPSS 3.1%
CVE-2013-0270 | MEDIUM | Keystone: openstack keystone: denial of service via large http request with long tenant name | EPSS 3.1%
CVE-2020-1730 | MEDIUM | A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The ser | EPSS 3.1%
CVE-2018-10904 | HIGH | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by | EPSS 3.0%
CVE-2023-32254 | CRITICAL | Tree connection race condition remote code execution vulnerability | EPSS 2.9%
CVE-2019-14897 | MEDIUM | A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to caus | EPSS 2.9%
CVE-2024-3656 | HIGH | Keycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalities | EPSS 2.8%
CVE-2019-14870 | MEDIUM | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delega | EPSS 2.8%
CVE-2018-16871 | HIGH | A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mou | EPSS 2.8%
CVE-2023-5868 | MEDIUM | Postgresql: memory disclosure in aggregate function calls | EPSS 2.8%
CVE-2010-3872 | HIGH | Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c | EPSS 2.8%
CVE-2018-10927 | HIGH | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information | EPSS 2.8%
CVE-2024-5971 | HIGH | Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket | EPSS 2.7%
CVE-2018-10928 | HIGH | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside | EPSS 2.7%
CVE-2023-6780 | MEDIUM | Glibc: integer overflow in __vsyslog_internal() | EPSS 2.7%
CVE-2025-1244 | HIGH | Emacs: shell injection vulnerability in gnu emacs via custom "man" uri scheme | EPSS 2.7%
CVE-2024-7885 | HIGH | Undertow: improper state management in proxy protocol parsing causes information leakage | EPSS 2.6%