Filtered by vendor Redhat
Filtered by product Rhivos
Total: 9 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-6395 | 1 Redhat | 5 Enterprise Linux, Openshift, Rhel E4s and 2 more | 2025-10-07 | 6.5 Medium |
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). | ||||
CVE-2025-8277 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2025-10-06 | 3.1 Low |
A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability. | ||||
CVE-2025-6021 | 1 Redhat | 12 Discovery, Enterprise Linux, Insights Proxy and 9 more | 2025-10-03 | 7.5 High |
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. | ||||
CVE-2025-4373 | 1 Redhat | 9 Enterprise Linux, Insights Proxy, Openshift Distributed Tracing and 6 more | 2025-10-03 | 4.8 Medium |
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. | ||||
CVE-2025-4953 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2025-10-01 | 7.4 High |
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible. | ||||
CVE-2025-6170 | 2 Redhat, Xmlsoft | 6 Enterprise Linux, Jboss Core Services, Openshift and 3 more | 2025-10-01 | 2.5 Low |
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections. | ||||
CVE-2025-5318 | 2 Libssh, Redhat | 5 Libssh, Enterprise Linux, Openshift and 2 more | 2025-10-01 | 5.4 Medium |
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affecting service behavior. | ||||
CVE-2025-47711 | 2 Nbdkit Project, Redhat | 5 Nbdkit, Advanced Virtualization, Enterprise Linux and 2 more | 2025-10-01 | 4.3 Medium |
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service. | ||||
CVE-2025-47712 | 2 Nbdkit Project, Redhat | 5 Nbdkit, Advanced Virtualization, Enterprise Linux and 2 more | 2025-10-01 | 4.3 Medium |
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in nbdkit, leading to a denial of service. |