VYPR

Hardened Images

by Red Hat

CVEs (26)

  • CVE-2026-0966HigMar 26, 2026
    risk 0.53cvss 8.2epss 0.01

    A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the…

  • CVE-2026-48864HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a…

  • CVE-2026-6846HigApr 22, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to…

  • CVE-2025-14821HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH…

  • CVE-2026-4775HigMar 24, 2026
    risk 0.51cvss 7.8epss 0.01

    A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer…

  • CVE-2026-1584HigApr 9, 2026
    risk 0.49cvss 7.5epss 0.01

    A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the…

  • CVE-2026-6732MedApr 23, 2026
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type…

  • CVE-2026-5121HigMar 30, 2026
    risk 0.42cvss 7.5epss 0.01

    A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could…

  • CVE-2026-4424HigMar 19, 2026
    risk 0.42cvss 7.5epss 0.01

    A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a…

  • CVE-2026-0964MedMar 26, 2026
    risk 0.41cvss 6.3epss 0.00

    A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. …

  • CVE-2026-42010HigMay 7, 2026
    risk 0.39cvss 7.1epss 0.01

    A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to…

  • CVE-2026-6844MedApr 22, 2026
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead…

  • CVE-2026-5745MedApr 7, 2026
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without subsequent fields), the…

  • CVE-2026-9149MedMay 21, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds…

  • CVE-2026-9150MedMay 20, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to…

  • CVE-2026-3833MedApr 30, 2026
    risk 0.35cvss 6.5epss 0.01

    A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can…

  • CVE-2026-4426MedMar 19, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO…

  • CVE-2026-6845MedApr 22, 2026
    risk 0.33cvss 5.0epss 0.00

    A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw…

  • CVE-2026-5704MedApr 6, 2026
    risk 0.33cvss 5.0epss 0.00

    A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce…

  • CVE-2026-2100MedMar 26, 2026
    risk 0.27cvss 5.3epss 0.01

    A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an…

Page 1 of 2