Vulnerabilities in Red Hat
1,478 results

| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2024-1132 | HIGH | Keycloak: path transversal in redirection validation | 1.6% |
| CVE-2023-3269 | HIGH | Distros-[dirtyvma] privilege escalation via non-rcu-protected vma traversal | 1.6% |
| CVE-2023-6535 | MEDIUM | Kernel: null pointer dereference in nvmet_tcp_execute_request | 1.5% |
| CVE-2023-6536 | MEDIUM | Kernel: null pointer dereference in __nvmet_req_complete | 1.5% |
| CVE-2019-19340 | HIGH | A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '- | 1.5% |
| CVE-2024-1394 | HIGH | Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads | 1.5% |
| CVE-2022-2127 | MEDIUM | Samba: out-of-bounds read in winbind auth_crap | 1.5% |
| CVE-2019-10215 | MEDIUM | Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could expl | 1.5% |
| CVE-2024-7006 | HIGH | Libtiff: null pointer dereference in tif_dirinfo.c | 1.5% |
| CVE-2019-3894 | MEDIUM | It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run th | 1.5% |
| CVE-2023-4527 | MEDIUM | Glibc: stack read overflow in getaddrinfo in no-aaaa mode | 1.5% |
| CVE-2019-10206 | MEDIUM | ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt pass | 1.5% |
| CVE-2017-2658 | LOW | It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Se | 1.5% |
| CVE-2011-3344 | MEDIUM | Spacewalk: spacewalk: cross-site scripting via uri in lookup login/password form | 1.5% |
| CVE-2011-2927 | MEDIUM | Spacewalk: spacewalk and red hat network satellite: cross-site scripting vulnerability via search forms | 1.5% |
| CVE-2017-2632 | MEDIUM | A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher | 1.5% |
| CVE-2020-25689 | MEDIUM | A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating n | 1.5% |
| CVE-2011-1594 | MEDIUM | Spacewalk: spacewalk: open redirect vulnerability enables phishing attacks via url parameter | 1.5% |
| CVE-2019-14872 | MEDIUM | The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return | 1.5% |
| CVE-2023-6356 | MEDIUM | Kernel: null pointer dereference in nvmet_tcp_build_iovec | 1.4% |