ReportizFlow
Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15765 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32908 | 1 Redhat | 2 Enterprise Linux, Rhivos | 2026-06-25 | 7.5 High |
| A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). | ||||
| CVE-2025-32906 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-06-25 | 7.5 High |
| A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. | ||||
| CVE-2025-3155 | 3 Debian, Gnome, Redhat | 26 Debian Linux, Yelp, Codeready Linux Builder and 23 more | 2026-06-25 | 7.4 High |
| A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | ||||
| CVE-2023-32256 | 1 Redhat | 2 Enterprise Linux, Rhivos | 2026-06-25 | 7.5 High |
| A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue. | ||||
| CVE-2025-10230 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2026-06-25 | 10 Critical |
| A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process. | ||||
| CVE-2025-0624 | 1 Redhat | 8 Enterprise Linux, Openshift, Rhel Aus and 5 more | 2026-06-25 | 7.6 High |
| A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. | ||||
| CVE-2024-9675 | 2 Buildah Project, Redhat | 22 Buildah, Enterprise Linux, Enterprise Linux Eus and 19 more | 2026-06-25 | 7.8 High |
| A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | ||||
| CVE-2025-14523 | 1 Redhat | 9 Enterprise Linux, Enterprise Linux Eus, Rhel Aus and 6 more | 2026-06-25 | 8.2 High |
| A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers. | ||||
| CVE-2025-13947 | 1 Redhat | 8 Enterprise Linux, Rhel Aus, Rhel E4s and 5 more | 2026-06-25 | 7.4 High |
| A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser. | ||||
| CVE-2025-13609 | 1 Redhat | 5 Enterprise Linux, Enterprise Linux Eus, Rhel E4s and 2 more | 2026-06-25 | 8.2 High |
| A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls. | ||||
| CVE-2025-13502 | 1 Redhat | 8 Enterprise Linux, Rhel Aus, Rhel E4s and 5 more | 2026-06-25 | 7.5 High |
| A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server. | ||||
| CVE-2025-12543 | 1 Redhat | 18 Apache Camel Hawtio, Apache Camel Spring Boot, Build Of Apache Camel and 15 more | 2026-06-25 | 9.6 Critical |
| A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions. | ||||
| CVE-2025-11021 | 1 Redhat | 8 Enterprise Linux, Rhel Aus, Rhel E4s and 5 more | 2026-06-25 | 7.5 High |
| A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. | ||||
| CVE-2025-1244 | 1 Redhat | 8 Enterprise Linux, Openshift Builds, Rhel Aus and 5 more | 2026-06-25 | 8.8 High |
| A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. | ||||
| CVE-2026-12505 | 1 Redhat | 4 Cifs-utils, Enterprise Linux, Openshift and 1 more | 2026-06-24 | 7.8 High |
| A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted request_key payload to trick the root-owned helper into entering a custom environment (namespace) containing a malicious NSS module. This forces the system to load the attacker's controlled NSS Module and configuration, allowing them to execute arbitrary commands as the root user, elevating their privileges and fully compromising the system. | ||||
| CVE-2026-56209 | 2 Aomedia, Redhat | 5 Libaom, Enterprise Linux, Enterprise Linux Ai and 2 more | 2026-06-24 | 7.1 High |
| An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel values. The encoder then writes approximately 1,200 bytes at the attacker-controlled address. This is fully deterministic and does not require a separate information leak. An attacker who can supply frames to a network-facing libaom encoder with SVC enabled could exploit this for denial of service or potential code execution. | ||||
| CVE-2026-56208 | 2 Aomedia, Redhat | 5 Libaom, Enterprise Linux, Enterprise Linux Ai and 2 more | 2026-06-24 | 7.6 High |
| A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing (LAP) mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when g_lag_in_frames is set to 1 or higher. This results in a 232-byte out-of-bounds write on every encoded frame after the second, corrupting adjacent heap objects. An attacker who can influence encoder configuration in a transcoding service or WebRTC session could exploit this to cause a denial of service (process crash) or potentially achieve code execution. | ||||
| CVE-2026-56210 | 2 Aomedia, Redhat | 5 Libaom, Enterprise Linux, Enterprise Linux Ai and 2 more | 2026-06-24 | 7.1 High |
| A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding the configured number of layers. This causes an out-of-bounds heap read of approximately 40,728 bytes when computing a layer context array index. An attacker who can influence SVC encoder parameters in a network-facing service could exploit this for information disclosure (heap content leak) or denial of service (segmentation fault from hitting unmapped memory). | ||||
| CVE-2026-56211 | 2 Aomedia, Redhat | 5 Libaom, Enterprise Linux, Enterprise Linux Ai and 2 more | 2026-06-24 | 7.1 High |
| A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC (Scalable Video Coding) layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer context structures. In fork-based video processing services, an attacker can use this to hijack the cyclic refresh map pointer, brute-force the process base address via a crash oracle, and redirect control flow to achieve arbitrary command execution. Exploitation requires the target service to use libaom with SVC encoding enabled and accept attacker-supplied video frames. | ||||
| CVE-2026-12725 | 2 Dnsmasq, Redhat | 4 Dnsmasq, Enterprise Linux, Openshift and 1 more | 2026-06-24 | 5.9 Medium |
| A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service. | ||||