Filtered by vendor Redhat Subscriptions
Filtered by product Rhel Aus Subscriptions
Total 1103 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-43680 5 Debian, Fedoraproject, Libexpat Project and 2 more 24 Debian Linux, Fedora, Libexpat and 21 more 2025-05-30 7.5 High
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
CVE-2024-0753 3 Debian, Mozilla, Redhat 9 Debian Linux, Firefox, Firefox Esr and 6 more 2025-05-30 6.5 Medium
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0743 2 Mozilla, Redhat 6 Firefox, Enterprise Linux, Rhel Aus and 3 more 2025-05-30 7.5 High
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
CVE-2024-0742 3 Debian, Mozilla, Redhat 9 Debian Linux, Firefox, Firefox Esr and 6 more 2025-05-30 4.3 Medium
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0741 3 Debian, Mozilla, Redhat 9 Debian Linux, Firefox, Firefox Esr and 6 more 2025-05-30 6.5 Medium
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2023-40548 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2025-05-29 7.4 High
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase.
CVE-2023-40550 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2025-05-29 5.5 Medium
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
CVE-2025-47905 1 Redhat 4 Rhel Aus, Rhel E4s, Rhel Eus and 1 more 2025-05-29 5.4 Medium
Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
CVE-2025-32913 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2025-05-29 7.5 High
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.
CVE-2025-32911 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2025-05-29 9 Critical
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.
CVE-2025-32906 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2025-05-29 7.5 High
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.
CVE-2024-5564 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2025-05-29 8.1 High
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
CVE-2025-3155 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2025-05-28 7.4 High
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.
CVE-2025-31215 2 Apple, Redhat 11 Ipados, Iphone Os, Macos and 8 more 2025-05-28 6.5 Medium
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-46420 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2025-05-28 6.5 Medium
A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.
CVE-2023-32215 2 Mozilla, Redhat 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-05-27 8.8 High
Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
CVE-2023-32212 2 Mozilla, Redhat 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-05-27 4.3 Medium
An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
CVE-2023-32213 2 Mozilla, Redhat 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-05-27 8.8 High
When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
CVE-2023-32211 2 Mozilla, Redhat 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-05-27 6.5 Medium
A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
CVE-2023-32207 2 Mozilla, Redhat 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-05-27 8.8 High
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.