Vulnerabilities in Red Hat

1,478 results
CVE-2023-5992 | MEDIUM | Opensc: side-channel leaks while stripping encryption pkcs#1 padding | EPSS 1.2%
CVE-2023-4154 | HIGH | Samba: ad dc password exposure to privileged users and rodcs | EPSS 1.2%
CVE-2022-4137 | HIGH | Keycloak: reflected xss attack | EPSS 1.1%
CVE-2023-38200 | HIGH | Keylime: registrar is subject to a dos against ssl connections | EPSS 1.1%
CVE-2019-14838 | MEDIUM | A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to mod | EPSS 1.1%
CVE-2023-40745 | MEDIUM | Libtiff: integer overflow in tiffcp.c | EPSS 1.1%
CVE-2026-6893 | HIGH | Dracut: dracut: root code execution via dhcp options command injection | EPSS 1.1%
CVE-2026-2100 | MEDIUM | P11-kit: null dereference via c_derivekey with specific null parameters | EPSS 1.1%
CVE-2023-50781 | HIGH | M2crypto: bleichenbacher timing attacks in the rsa decryption api - incomplete fix for cve-2020-25657 | EPSS 1.1%
CVE-2023-50782 | HIGH | Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659 | EPSS 1.1%
CVE-2023-4639 | HIGH | Undertow: cookie smuggling/spoofing | EPSS 1.1%
CVE-2024-2236 | MEDIUM | Libgcrypt: vulnerable to marvin attack | EPSS 1.1%
CVE-2023-5408 | HIGH | Openshift: modification of node role labels | EPSS 1.1%
CVE-2024-1481 | MEDIUM | Freeipa: specially crafted http requests potentially lead to denial of service | EPSS 1.1%
CVE-2023-6927 | MEDIUM | Keycloak: open redirect via "form_post.jwt" jarm response mode | EPSS 1.1%
CVE-2019-19342 | MEDIUM | A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contain | EPSS 1.1%
CVE-2022-3596 | HIGH | Instack-undercloud: rsync leaks information to undercloud | EPSS 1.1%
CVE-2023-42670 | MEDIUM | Samba: ad dc busy rpc multiple listener dos | EPSS 1.1%
CVE-2017-12175 | LOW | Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality. | EPSS 1.1%
CVE-2018-14658 | MEDIUM | A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc. | EPSS 1.1%