VYPR

Vendor CVEs

Red Hat

All CVEs

3,692 total · sorted by risk
  • CVE-2026-4424HigMar 19, 2026
    risk 0.42cvss 7.5epss 0.01

    A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a…

  • CVE-2026-4111HigMar 13, 2026
    risk 0.42cvss 7.5epss 0.01

    A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents…

  • CVE-2025-8766MedMar 13, 2026
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-57849MedMar 13, 2026
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a…

  • CVE-2025-12801MedMar 4, 2026
    risk 0.42cvss 6.5epss 0.00

    A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or…

  • CVE-2026-3118MedFeb 25, 2026
    risk 0.42cvss 6.5epss 0.01

    A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend…

  • CVE-2025-57850MedDec 2, 2025
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected…

  • CVE-2025-57848MedOct 23, 2025
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain Container-native Virtualization images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-58712MedOct 22, 2025
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,…

  • CVE-2025-32990MedJul 10, 2025
    risk 0.42cvss 6.5epss 0.01

    A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory…

  • CVE-2025-5351MedJul 4, 2025
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free…

  • CVE-2025-6021HigJun 12, 2025
    risk 0.42cvss 7.5epss 0.01

    A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

  • CVE-2025-2877MedMar 28, 2025
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also…

  • CVE-2024-12088MedJan 14, 2025
    risk 0.42cvss 6.5epss 0.05

    A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary…

  • CVE-2024-4540HigJun 3, 2024
    risk 0.42cvss 7.5epss 0.01

    A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly…

  • CVE-2023-4527MedSep 18, 2023
    risk 0.42cvss 6.5epss 0.02

    A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function…

  • CVE-2018-1114MedSep 11, 2018
    risk 0.42cvss 6.5epss 0.02

    It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.

  • CVE-2018-10908MedAug 9, 2018
    risk 0.42cvss 6.5epss 0.01

    It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service…

  • CVE-2016-8626MedJul 31, 2018
    risk 0.42cvss 6.5epss 0.02

    A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.

  • CVE-2016-9578HigJul 27, 2018
    risk 0.42cvss 7.5epss 0.02

    A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

  • CVE-2017-15097MedJul 27, 2018
    risk 0.42cvss 6.5epss 0.01

    Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.

  • CVE-2016-9577HigJul 27, 2018
    risk 0.42cvss 7.5epss 0.04

    A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

  • CVE-2017-15125MedJul 27, 2018
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms.…

  • CVE-2017-12195MedJul 27, 2018
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires…

  • CVE-2017-2639MedJul 27, 2018
    risk 0.42cvss 6.5epss 0.01

    It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and…

  • CVE-2017-2664MedJul 26, 2018
    risk 0.42cvss 6.5epss 0.01

    CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate…

  • CVE-2018-10872MedJul 10, 2018
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction…

  • CVE-2018-10885MedJul 5, 2018
    risk 0.42cvss 6.5epss 0.02

    In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.

  • CVE-2018-1070MedJun 12, 2018
    risk 0.42cvss 6.5epss 0.01

    routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router…

  • CVE-2015-1862HigFeb 9, 2018
    risk 0.42cvss 7.0epss 0.03

    The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.

  • CVE-2017-16818MedDec 20, 2017
    risk 0.42cvss 6.5epss 0.02

    RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to…

  • CVE-2014-3250MedDec 11, 2017
    risk 0.42cvss 6.5epss 0.01

    The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.

  • CVE-2017-5120MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words,…

  • CVE-2017-5110MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.

  • CVE-2017-5106MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

  • CVE-2017-5105MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

  • CVE-2017-5104MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page.

  • CVE-2017-5101MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.

  • CVE-2017-5094MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.02

    Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page.

  • CVE-2017-5093MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page.

  • CVE-2017-5089MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name.

  • CVE-2017-5086MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

  • CVE-2017-5076MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

  • CVE-2017-5067MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2017-5066MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML…

  • CVE-2017-5060MedOct 27, 2017
    risk 0.42cvss 6.5epss 0.01

    Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

  • CVE-2017-10384MedOct 19, 2017
    risk 0.42cvss 6.5epss 0.03

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2017-10379MedOct 19, 2017
    risk 0.42cvss 6.5epss 0.02

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network…

  • CVE-2014-7813MedOct 18, 2017
    risk 0.42cvss 6.5epss 0.01

    Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols.

  • CVE-2015-5248MedSep 20, 2017
    risk 0.42cvss 6.5epss 0.01

    Reflected file download vulnerability in Red Hat Feedhenry Enterprise Mobile Application Platform.

Page 16 of 74