Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-24678

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-09 Feb, 2026 | 18:17
Updated At-30 Jun, 2026 | 12:06
Rejected At-
Credits

FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:09 Feb, 2026 | 18:17
Updated At:30 Jun, 2026 | 12:06
Rejected At:
▼CVE Numbering Authority (CNA)
FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0.

Affected Products
Vendor
FreeRDPFreeRDP
Product
FreeRDP
Versions
Affected
  • < 3.22.0
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416: Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416: Use After Free
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7h
x_refsource_CONFIRM
https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600
x_refsource_MISC
Hyperlink: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7h
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. freerdp: FreeRDP: Denial of Service via use after free in ecam_channel_write

A denial of service flaw has been found in FreeRDP. A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AppStream EUS (v. 10.0)
CPEs
  • cpe:/o:redhat:enterprise_linux_eus:10.0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AppStream (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.1
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)
CPEs
  • cpe:/o:redhat:enterprise_linux_eus:10.0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.1
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 6
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Problem Types
TypeCWE IDDescription
CWECWE-825Expired Pointer Dereference
Type: CWE
CWE ID: CWE-825
Description: Expired Pointer Dereference
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

RHSA-2026:4121: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)

RHSA-2026:3068: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)

RHSA-2026:19033: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)

Configurations

Workarounds

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-02-09 20:01:06
Made public.2026-02-09 18:17:27
Event: Reported to Red Hat.
Date: 2026-02-09 20:01:06
Event: Made public.
Date: 2026-02-09 18:17:27
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-24678
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2438197
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24678.json
x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:4121
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3068
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19033
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-24678
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2438197
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24678.json
Resource:
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/errata/RHSA-2026:4121
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:3068
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:19033
Resource:
vendor-advisory
x_refsource_REDHAT
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:09 Feb, 2026 | 19:15
Updated At:30 Jun, 2026 | 03:17

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
N/A
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

FreeRDP
freerdp
>>freerdp>>Versions before 3.22.0(exclusive)
cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarysecurity-advisories@github.com
CWE-825Secondary0b0ca135-0b70-47e7-9f44-1890c2a1c46c
CWE ID: CWE-416
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-825
Type: Secondary
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600security-advisories@github.com
Patch
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7hsecurity-advisories@github.com
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:190330b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:30680b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:41210b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/security/cve/CVE-2026-246780b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=24381970b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24678.json0b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
Hyperlink: https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7h
Source: security-advisories@github.com
Resource:
Patch
Vendor Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2026:19033
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:3068
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:4121
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-24678
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2438197
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24678.json
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

745Records found

CVE-2025-13878
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-8.22% / 94.20%
||
7 Day CHG+0.65%
Published-21 Jan, 2026 | 14:43
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Malformed BRID/HHIT records can cause named to terminate unexpectedly

Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.Red Hat, Inc.
Product-BIND 9Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 7Red Hat Hardened ImagesRed Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-617
Reachable Assertion
CVE-2025-67268
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.67% / 47.65%
||
7 Day CHG+0.14%
Published-02 Jan, 2026 | 00:00
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the size of the skyview array (184 elements). This allows an attacker to write beyond the bounds of the array by providing a satellite count up to 255, leading to memory corruption, Denial of Service (DoS), and potentially arbitrary code execution.

Action-Not Available
Vendor-gpsd_projectn/aRed Hat, Inc.
Product-gpsdn/aRed Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream (v. 10)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CVE-2026-25990
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.37% / 28.72%
||
7 Day CHG-0.00%
Published-11 Feb, 2026 | 20:53
Updated-01 Jul, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pillow has an out-of-bounds write when loading PSD images

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.

Action-Not Available
Vendor-python-pillowRed Hat, Inc.Python Software Foundation
Product-pillowPillowRed Hat Enterprise Linux 7Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat AI Inference ServerRed Hat AI Inference Server 3.3Red Hat Satellite 6.16 for RHEL 9Red Hat Satellite 6.16 for RHEL 8Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat Quay 3.16Red Hat OpenShift AI 3.3Red Hat OpenShift AI 2.25Red Hat Quay 3.9Red Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat Satellite 6.18 for RHEL 9Red Hat Ansible Automation Platform 2Red Hat AI Inference Server 3.2Red Hat Ansible Automation Platform 2.5Red Hat Satellite 6.17 for RHEL 9Red Hat Enterprise Linux 8Red Hat Satellite 6Red Hat Quay 3.12OpenShift LightspeedRed Hat Ansible Automation Platform 2.6 for RHEL 10Red Hat Ansible Automation Platform 2.6Red Hat Quay 3.10Red Hat OpenShift AI (RHOAI)Red Hat Quay 3.15
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-11419
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 46.87%
||
7 Day CHG~0.00%
Published-23 Dec, 2025 | 20:42
Updated-20 Apr, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak: keycloak tls client-initiated renegotiation denial of service

A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat build of Keycloak 26.2Red Hat build of Keycloak 26.0.16Red Hat build of Keycloak 26.2.10Red Hat build of Keycloak 26.0
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-10990
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.20%
||
7 Day CHG~0.00%
Published-27 Feb, 2026 | 13:32
Updated-26 Jun, 2026 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rexml: rexml: denial of service via inefficient regex parsing

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Satellite 6.16 for RHEL 9Red Hat Satellite 6.17 for RHEL 9Satellite Client 6 for RHEL 9Red Hat Satellite 6.16 for RHEL 8Satellite Client 6 for RHEL 8
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CVE-2026-25679
Matching Score-8
Assigner-Go Project
ShareView Details
Matching Score-8
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.73% / 49.69%
||
7 Day CHG+0.21%
Published-06 Mar, 2026 | 21:28
Updated-03 Jul, 2026 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect parsing of IPv6 host literals in net/url

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

Action-Not Available
Vendor-Go standard libraryRed Hat, Inc.Go
Product-gonet/urlCryostat 4 on RHEL 9Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat OpenShift distributed tracing 3.9.3Red Hat Quay 3.16Multicluster Engine for KubernetesRed Hat OpenShift Service Mesh 3.3Deployment Validation OperatorRed Hat OpenShift Service Mesh 3.0Red Hat OpenShift Builds 1.6.5Red Hat OpenShift Service Mesh 2.6Logging Subsystem for Red Hat OpenShift 6.0Multicluster Global Hub 1.5.4Red Hat 3scale API Management Platform 2Red Hat OpenShift GitOpsRed Hat OpenShift Container Platform 4.12Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)Red Hat Quay 3.10Red Hat OpenShift on AWSRed Hat Web Terminal 1.15Red Hat OpenShift Cluster Manager CLICustom Metric Autoscaler 2.19Red Hat OpenStack Platform 18.0Red Hat OpenShift Container Platform 4.17Red Hat OpenShift Service Mesh 3.1Red Hat Advanced Cluster Security for Kubernetes 4.10Migration Toolkit for ContainersRed Hat Enterprise Linux AppStream E4S (v.8.8)Node HealthCheck OperatorRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Quay 3.14Migration Toolkit for Applications 8Power monitoring for Red Hat OpenShiftOpenShift File Integrity Operator - FIO 1Red Hat OpenShift AI 2.25Red Hat Service Interconnect 2Red Hat OpenStack Services on OpenShift 18OpenShift Developer Tools and ServicesRed Hat OpenStack Platform 16.2Red Hat Web Terminal 1.14Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Satellite 6.19 for RHEL 9DevWorkspace Operator 0.4Red Hat Advanced Cluster Management for Kubernetes 2.15ExternalDNS OperatorRed Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AI 3.3OpenShift PipelinesSecurity Profiles OperatorRed Hat Advanced Cluster Management for Kubernetes 2.14Red Hat Web Terminal 1.11Red Hat Trusted Artifact Signer 1.3Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat OpenShift Container Platform 4.13Red Hat Ansible Automation Platform 2.6 for RHEL 10Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)Red Hat Quay 3.15mirror registry for Red Hat OpenShiftRed Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat AMQ ClientsNetwork Observability (NETOBSERV) 1.11.2Red Hat Web Terminal 1.12Fence Agents Remediation OperatorRed Hat OpenShift Container Platform 4.18Red Hat Satellite 6.16 for RHEL 8Red Hat Satellite 6.16 for RHEL 9Red Hat Quay 3.9Red Hat Service Interconnect 1OpenShift API for Data Protection 1.4Red Hat OpenShift Dev Spaces 3.27Red Hat Update Infrastructure 5Red Hat OpenShift Virtualization 4Red Hat Advanced Cluster Security for Kubernetes 4.8Red Hat OpenShift Container Platform 4.16Red Hat Hardened ImagesRed Hat CodeReady Linux Builder EUS (v.9.6)Red Hat OpenShift Container Platform 4Red Hat Developer Hub 1.8Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat Openshift Data Foundation 4Zero Trust Workload Identity Manager - Tech PreviewRed Hat Quay 3Machine Deletion Remediation OperatorRed Hat Enterprise Linux AppStream AUS (v. 8.2)Red Hat OpenStack 1.5Red Hat OpenShift Container Platform 4.15Zero Trust Workload Identity ManagerRed Hat OpenShift Service Mesh 3.2Logging Subsystem for Red Hat OpenShift 6.4streams for Apache Kafka 3External Secrets Operator for Red Hat OpenShiftcert-manager Operator for Red Hat OpenShiftRed Hat CodeReady Linux Builder EUS (v.9.4)Red Hat Enterprise Linux 7Red Hat Enterprise Linux Server (v. 7 ELS)Gatekeeper 3Red Hat Enterprise Linux 10Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Ansible Automation Platform 2Red Hat build of Apache Camel - HawtIO 4Logging Subsystem for Red Hat OpenShift 6.2OpenShift ServerlessRed Hat Quay 3.12Red Hat Developer Hub 1.9OpenShift LightspeedRed Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Ansible Automation Platform 2.6Red Hat Advanced Cluster Security for Kubernetes 4.9Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Satellite 6.18Red Hat Certification Program for Red Hat Enterprise Linux 9Red Hat Satellite 6OpenShift Compliance Operator 1Red Hat Enterprise Linux AppStream (v. 9)Red Hat Lightspeed (formerly Insights) for Runtimes 1Red Hat Web Terminal 1.13Red Hat OpenShift AI (RHOAI)Confidential Compute AttestationOpenShift Service Mesh 2Red Hat Edge Manager 1Red Hat Enterprise Linux AppStream E4S (v.8.6)Multicluster Global Hub 1.3.4Multicluster Global Hub 1.6.2Logical Volume Manager StorageRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream E4S (v.9.0)mirror registry for Red Hat OpenShift 2.0Red Hat OpenShift Container Platform 4.19Logging Subsystem for Red Hat OpenShiftRed Hat OpenShift Container Platform 4.14Red Hat OpenShift Builds 1.7.3OpenShift API for Data Protection 1.5Red Hat OpenShift for Windows ContainersRed Hat OpenShift Container Platform 4.20Red Hat OpenStack Platform 17.1Assisted Installer for Red Hat OpenShift Container Platform 2Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Connectivity Link 1Multicluster Global Hub 1.4.5
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-425
Direct Request ('Forced Browsing')
CVE-2024-8768
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 47.73%
||
7 Day CHG~0.00%
Published-17 Sep, 2024 | 16:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vllm: a completions api request with an empty prompt will crash the vllm api server.

A flaw was found in the vLLM library. A completions API request with an empty prompt will crash the vLLM API server, resulting in a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux AI (RHEL AI)
CWE ID-CWE-617
Reachable Assertion
CVE-2024-9622
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.65% / 46.78%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 16:26
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Resteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4

A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is sent, it causes the Netty HttpObjectDecoder to transition into a BAD_MESSAGE state. As a result, any subsequent legitimate requests on the same connection are ignored, leading to client timeouts, which may impact systems using load balancers and expose them to risk.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform 7Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 8
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2026-53460
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.58%
||
7 Day CHG+0.08%
Published-10 Jun, 2026 | 22:02
Updated-30 Jun, 2026 | 12:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Policy Bypass can trigger out-of-Memory condition

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.

Action-Not Available
Vendor-ImageMagick Studio LLCRed Hat, Inc.
Product-imagemagickImageMagickRed Hat Enterprise Linux Server Optional (v. 7 ELS)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-53461
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 27.32%
||
7 Day CHG+0.08%
Published-10 Jun, 2026 | 22:03
Updated-30 Jun, 2026 | 12:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Out-of-bounds write in ICON decoder due to incorrect loop

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.

Action-Not Available
Vendor-ImageMagick Studio LLCRed Hat, Inc.
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-5497
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-0.60% / 44.23%
||
7 Day CHG+0.17%
Published-11 Jun, 2026 | 08:31
Updated-03 Jul, 2026 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processing `video/jpeg` data URLs, the method splits the base64 data string on commas to extract individual JPEG frames without enforcing a frame count limit. An attacker can exploit this by crafting a single API request containing thousands of comma-separated base64-encoded JPEG frames in a data URL, causing the server to decode all frames into memory and crash due to excessive memory consumption. This vulnerability is reachable via the OpenAI-compatible chat completions API and does not require authentication.

Action-Not Available
Vendor-vllmvllm-projectRed Hat, Inc.
Product-vllmvllm-project/vllmRed Hat AI Inference ServerRed Hat OpenShift AI (RHOAI)Red Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-8418
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 50.71%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 14:24
Updated-30 Jun, 2026 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service

A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.

Action-Not Available
Vendor-containersRed Hat, Inc.
Product-aardvark-dnsRed Hat Enterprise Linux 8Red Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-7885
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.64% / 83.75%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 14:13
Updated-19 Jan, 2026 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: improper state management in proxy protocol parsing causes information leakage

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.

Action-Not Available
Vendor-Red Hat, Inc.
Product-build_of_apache_camel_for_spring_bootjboss_enterprise_application_platformprocess_automationbuild_of_keycloaksingle_sign-ondata_gridintegration_camel_kbuild_of_apache_camel_-_hawtiojboss_fuseRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7Red Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 7Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat Single Sign-On 7Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat build of Apache Camel - HawtIO 4Red Hat Data Grid 8Red Hat build of QuarkusRed Hat Build of KeycloakRed Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat build of Apache Camel 4.4.2 for Spring BootRed Hat build of Apache Camel 3.20.7 for Spring BootRed Hat build of Apache Camel for Spring Boot 3Red Hat Fuse 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 8Red Hat Integration Camel K 1HawtIO 4.0.0 for Red Hat build of Apache Camel 4
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-8176
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.57% / 72.35%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 08:19
Updated-30 Jun, 2026 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libexpat: expat: improper restriction of xml entity expansion depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat Discovery 1.14Red Hat JBoss Core Services 2.4.62.SP1Red Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportDevWorkspace Operator 0.33Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2026-25942
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 36.33%
||
7 Day CHG~0.00%
Published-25 Feb, 2026 | 20:01
Updated-27 Feb, 2026 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeRDP has global-buffer-overflow in xf_rail_server_execute_result

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_execute_result` indexes the global `error_code_names[]` array (7 elements, indices 0–6) with an unchecked `execResult->execResult` value received from the server, allowing an out-of-bounds read when the server sends an `execResult` value of 7 or greater. Version 3.23.0 fixes the issue.

Action-Not Available
Vendor-FreeRDP
Product-freerdpFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-7006
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.52% / 71.45%
||
7 Day CHG~0.00%
Published-08 Aug, 2024 | 20:49
Updated-23 Jan, 2026 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libtiff: null pointer dereference in tif_dirinfo.c

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.LibTIFF
Product-enterprise_linuxenterprise_linux_server_ausenterprise_linux_for_power_little_endian_euslibtiffenterprise_linux_for_arm_64Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 7
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-6162
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.70% / 74.43%
||
7 Day CHG~0.00%
Published-20 Jun, 2024 | 14:33
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: url-encoded request path information can be broken on ajp-listener

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processed. As a result, the server may attempt to access the wrong path, causing errors such as "404 Not Found" or other application failures. This flaw can potentially lead to a denial of service, as legitimate resources become inaccessible due to the path mix-up.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Build of KeycloakEAP 8.0.1Red Hat JBoss Enterprise Application Platform 7Red Hat JBoss Enterprise Application Platform 8Red Hat Integration Camel K 1Red Hat Data Grid 8Red Hat build of Apache Camel 4.4.1 for Spring Boot 3.2Red Hat Single Sign-On 7Red Hat build of Apache Camel - HawtIO 4Red Hat Fuse 7Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Data Grid 7Red Hat Process Automation 7Red Hat build of Apache Camel for Spring Boot 3
CWE ID-CWE-488
Exposure of Data Element to Wrong Session
CVE-2024-6239
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.78% / 51.58%
||
7 Day CHG~0.00%
Published-21 Jun, 2024 | 13:28
Updated-20 Nov, 2025 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Poppler: pdfinfo: crash in broken documents when using -dests parameter

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.freedesktop.org
Product-enterprise_linuxpopplerRed Hat Enterprise Linux 10Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8
CWE ID-CWE-20
Improper Input Validation
CVE-2026-25673
Matching Score-8
Assigner-6a34fbeb-21d4-45e7-8e0a-62b95bc12c92
ShareView Details
Matching Score-8
Assigner-6a34fbeb-21d4-45e7-8e0a-62b95bc12c92
CVSS Score-7.5||HIGH
EPSS-0.73% / 49.91%
||
7 Day CHG+0.06%
Published-03 Mar, 2026 | 14:28
Updated-30 Jun, 2026 | 03:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential denial-of-service vulnerability in URLField via Unicode normalization on Windows

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. `URLField.to_python()` in Django calls `urllib.parse.urlsplit()`, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial of service via large URL inputs containing these characters. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Seokchan Yoon for reporting this issue.

Action-Not Available
Vendor-Red Hat, Inc.Django
Product-djangoDjangoRed Hat Ansible Automation Platform 2Red Hat Discovery 2Red Hat Satellite 6
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-5971
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.72% / 84.21%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 20:51
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Data Grid 8Red Hat build of QuarkusRed Hat Single Sign-On 7Red Hat Integration Camel K 1Red Hat build of Apache Camel 4.4.2 for Spring BootRed Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat build of Apache Camel - HawtIO 4Red Hat Fuse 7Red Hat JBoss Enterprise Application Platform 7Red Hat Process Automation 7Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 8Red Hat Build of KeycloakRed Hat build of Apache Camel 3.20.7 for Spring BootRed Hat build of Apache Camel 4.4.1 for Spring Boot 3.2Red Hat build of Apache Camel for Spring Boot 3
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2026-27137
Matching Score-8
Assigner-Go Project
ShareView Details
Matching Score-8
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.61% / 44.68%
||
7 Day CHG+0.25%
Published-06 Mar, 2026 | 21:28
Updated-03 Jul, 2026 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect enforcement of email constraints in crypto/x509

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Action-Not Available
Vendor-Go standard libraryRed Hat, Inc.Go
Product-gocrypto/x509Red Hat Openshift Data Foundation 4Zero Trust Workload Identity Manager - Tech PreviewRed Hat Quay 3Red Hat OpenShift distributed tracing 3.9.3Machine Deletion Remediation OperatorRed Hat OpenShift GitOps 1.18mirror registry for Red Hat OpenShift 2Service Telemetry Framework 1.5Red Hat Developer HubRed Hat Quay 3.16Multicluster Engine for KubernetesDeployment Validation OperatorZero Trust Workload Identity ManagerLogging Subsystem for Red Hat OpenShift 6.4Red Hat OpenShift Builds 1.6.5Logging Subsystem for Red Hat OpenShift 6.0streams for Apache Kafka 3Multicluster Global Hub 1.5.4Red Hat 3scale API Management Platform 2External Secrets Operator for Red Hat OpenShiftRed Hat OpenShift on AWSRed Hat Web Terminal 1.15Network Observability Operatorcert-manager Operator for Red Hat OpenShiftRed Hat OpenShift Cluster Manager CLIRed Hat Enterprise Linux 7Red Hat OpenShift GitOps 1.2Red Hat OpenStack Platform 18.0Gatekeeper 3Custom Metric Autoscaler operator for Red Hat OpenshiftMigration Toolkit for ContainersRed Hat Enterprise Linux 10Node HealthCheck OperatorRed Hat Enterprise Linux 9OpenShift Service Mesh 3Red Hat Enterprise Linux 8Red Hat Ansible Automation Platform 2Red Hat build of Apache Camel - HawtIO 4Logging Subsystem for Red Hat OpenShift 6.2Compliance OperatorOpenShift ServerlessRed Hat Advanced Cluster Security 4Migration Toolkit for Applications 8OpenShift LightspeedPower monitoring for Red Hat OpenShiftRed Hat Ansible Automation Platform 2.6Red Hat OpenShift AI 2.25Red Hat Service Interconnect 2OpenShift Developer Tools and ServicesRed Hat OpenStack Platform 16.2Red Hat Web Terminal 1.14DevWorkspace Operator 0.4ExternalDNS OperatorRed Hat Advanced Cluster Management for Kubernetes 2.15Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream (v. 10)Red Hat Satellite 6.18OpenShift PipelinesFile Integrity OperatorSecurity Profiles OperatorRed Hat Certification Program for Red Hat Enterprise Linux 9Red Hat Web Terminal 1.11Red Hat Trusted Artifact Signer 1.3Red Hat Satellite 6Red Hat Enterprise Linux AppStream (v. 9)Red Hat Lightspeed (formerly Insights) for Runtimes 1Red Hat Web Terminal 1.13Red Hat OpenShift AI (RHOAI)Confidential Compute Attestationmirror registry for Red Hat OpenShiftRed Hat Edge Manager 1OpenShift Service Mesh 2Multicluster Global Hub 1.3.4Multicluster Global Hub 1.6.2Logical Volume Manager StorageRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Web Terminal 1.12Fence Agents Remediation OperatorMulticluster Global Hub 1.4.5Logging Subsystem for Red Hat OpenShiftRed Hat Enterprise Linux AI (RHEL AI) 3Red Hat Service Interconnect 1Red Hat OpenShift Builds 1.7.3OpenShift API for Data Protection 1.4Red Hat OpenShift Dev Spaces 3.27Cryostat 4Red Hat OpenShift Virtualization 4OpenShift API for Data Protection 1.5Red Hat OpenShift GitOps 1.19Red Hat OpenShift for Windows ContainersRed Hat OpenStack Platform 17.1Assisted Installer for Red Hat OpenShift Container Platform 2Red Hat Connectivity Link 1Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-295
Improper Certificate Validation
CVE-2026-25949
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 48.99%
||
7 Day CHG+0.08%
Published-12 Feb, 2026 | 20:01
Updated-30 Jun, 2026 | 12:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Traefik: TCP readTimeout bypass via STARTTLS on Postgres

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest (STARTTLS) prelude and then stalling, causing connections to remain open indefinitely, leading to a denial of service. This vulnerability is fixed in 3.6.8.

Action-Not Available
Vendor-traefiktraefikRed Hat, Inc.
Product-traefiktraefikRed Hat OpenShift Dev Spaces 3.27
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-22774
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.57% / 43.03%
||
7 Day CHG+0.08%
Published-15 Jan, 2026 | 18:53
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
devalue vulnerable to denial of service due to memory exhaustion in devalue.parse

Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. From 5.3.0 to 5.6.1, certain inputs can cause devalue.parse to consume excessive CPU time and/or memory, potentially leading to denial of service in systems that parse input from untrusted sources. This affects applications using devalue.parse on externally-supplied data. The root cause is the typed array hydration expecting an ArrayBuffer as input, but not checking the assumption before creating the typed array. This vulnerability is fixed in 5.6.2.

Action-Not Available
Vendor-sveltesveltejsRed Hat, Inc.
Product-devaluedevalueRed Hat Trusted Artifact Signer 1.3Red Hat Build of Podman Desktop - Tech PreviewRed Hat Trusted Artifact Signer 1.2
CWE ID-CWE-405
Asymmetric Resource Consumption (Amplification)
CVE-2026-21945
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.86% / 54.18%
||
7 Day CHG+0.32%
Published-20 Jan, 2026 | 21:56
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.Siemens AG
Product-graalvm_for_jdkjrejdkgraalvmOracle GraalVM for JDKOracle Java SEOracle GraalVM Enterprise EditionOPENJDK ELS 11.0.30Red Hat Enterprise Linux CRB (v. 8)Red Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat OpenJDK 11 ELS for RHEL 9Red Hat Build of OpenJDK 21.0.10Red Hat Enterprise Linux 10Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)Red Hat Build of OpenJDK 8u482Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux Server Optional (v. 7 ELS)Red Hat OpenJDK 11 ELS for RHEL 7Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Build of OpenJDK 25.0.2SIMATIC CN 4100Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)Red Hat Build of OpenJDK 17.0.18Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Temurin Build of OpenJDK 25.0.2Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat OpenJDK 11 ELS for RHEL 8Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux AppStream (v. 9)Red Hat CodeReady Linux Builder EUS (v.9.4)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream AUS (v. 8.2)Red Hat Enterprise Linux Supplementary (v. 8)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat CodeReady Linux Builder EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-295
Improper Certificate Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-1605
Matching Score-8
Assigner-Eclipse Foundation
ShareView Details
Matching Score-8
Assigner-Eclipse Foundation
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.57%
||
7 Day CHG+0.26%
Published-05 Mar, 2026 | 09:39
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response. In this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.

Action-Not Available
Vendor-Eclipse Foundation AISBLRed Hat, Inc.
Product-jettyEclipse JettyRed Hat AMQ Broker 7.14.0Red Hat build of Apicurio Registry 2Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat build of Debezium 3Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat build of Apache Camel for Spring Boot 4Red Hat Fuse 7Red Hat build of Debezium 2streams for Apache Kafka 2HawtIO HawtIO 4.4.0Red Hat JBoss EAP 8.1 for RHEL 9Red Hat JBoss Enterprise Application Platform 8.1Red Hat Offline Knowledge PortalRed Hat build of Apicurio Registry 3Red Hat Single Sign-On 7streams for Apache Kafka 3Red Hat JBoss EAP 8.1 for RHEL 8Red Hat JBoss Web Server 6Red Hat Process Automation 7Red Hat Satellite 6Red Hat Enterprise Linux 8Red Hat OpenShift Dev Spaces 3.28OpenShift Developer Tools and ServicesRed Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2026-12151
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-7.5||HIGH
EPSS-0.61% / 44.95%
||
7 Day CHG+0.19%
Published-17 Jun, 2026 | 16:05
Updated-02 Jul, 2026 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
undici WebSocket client vulnerable to denial of service via fragment count bypass

Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size validation, collectively causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service. Affected applications are those using the undici WebSocket client (new WebSocket(...)) or the WebSocketStream API that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint. All releases starting at undici 6.17.0 are affected. Patches: Upgrade to undici >= 6.26.0, >= 7.28.0, or >= 8.5.0. Workarounds: No workaround is available. The fix must be applied through an upgrade.

Action-Not Available
Vendor-undiciRed Hat, Inc.Node.js (OpenJS Foundation)
Product-undiciundiciRed Hat Enterprise Linux 9Self-service automation portal 2Red Hat OpenShift Dev SpacesRed Hat Enterprise Linux 8Red Hat Build of Podman DesktopRed Hat Openshift Data Foundation 4Cryostat 4Red Hat AMQ Broker 7Cluster Observability Operator 1.5.0Red Hat Developer HubRed Hat Enterprise Linux 10OpenShift PipelinesRed Hat Hardened ImagesRed Hat OpenShift AI (RHOAI)Red Hat OpenShift Container Platform 4
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-3883
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-8.43% / 94.33%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 00:00
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during reads, and may hang longer.An unauthenticated attacker could repeatedly create hanging LDAP requests to hang all the workers, resulting in a Denial of Service.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Fedora Project
Product-debian_linux389_directory_serverenterprise_linux389-ds-base
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2010-2222
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.35% / 68.08%
||
7 Day CHG~0.00%
Published-05 Nov, 2019 | 19:27
Updated-07 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query.

Action-Not Available
Vendor-Red Hat, Inc.
Product-389_directory_serverdirectory_serverRed Hat Directory Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-4437
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.77% / 51.04%
||
7 Day CHG~0.00%
Published-08 May, 2024 | 08:57
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Etcd: incomplete fix for cve-2021-44716 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it should be updated at compile time instead.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenStack Platform 17.1Red Hat OpenStack Platform 16.1Red Hat OpenStack Platform 18.0Red Hat OpenStack Platform 16.2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-4436
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.77% / 51.04%
||
7 Day CHG~0.00%
Published-08 May, 2024 | 08:57
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Etcd: incomplete fix for cve-2022-41723 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it should be updated at compile time instead.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenStack Platform 16.1Red Hat OpenStack Platform 16.2Red Hat OpenStack Platform 17.1Red Hat OpenStack Platform 18.0
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-4438
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.79% / 51.82%
||
7 Day CHG~0.00%
Published-08 May, 2024 | 08:59
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it should be updated at compile time instead.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenStack Platform 16.1Red Hat OpenStack Platform 18.0Red Hat OpenStack Platform 16.2Red Hat OpenStack Platform 17.1 for RHEL 9
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-7345
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.05% / 60.13%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 13:39
Updated-30 Jun, 2026 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14888
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.12% / 79.62%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 16:25
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.

Action-Not Available
Vendor-Red Hat, Inc.NetApp, Inc.
Product-jboss_data_gridsingle_sign-onjboss_fuseactive_iq_unified_managerundertowjboss_enterprise_application_platformundertow
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-4027
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.57% / 43.21%
||
7 Day CHG+0.14%
Published-30 Jan, 2026 | 14:25
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service (DoS) attack.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apicurio Registry 2Red Hat build of QuarkusRed Hat JBoss Data Grid 7Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat Integration Camel K 1Red Hat build of Apache Camel for Spring Boot 4Red Hat Fuse 7Red Hat build of OptaPlanner 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Single Sign-On 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat Build of KeycloakRed Hat JBoss Fuse Service Works 6streams for Apache KafkaRed Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 8OpenShift ServerlessRed Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apicurio Registry 2Red Hat build of QuarkusRed Hat JBoss Data Grid 7Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat Integration Camel K 1Red Hat build of Apache Camel for Spring Boot 4OpenShift ServerlessRed Hat Fuse 7Red Hat build of OptaPlanner 8Red Hat Single Sign-On 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat Build of KeycloakRed Hat JBoss Fuse Service Works 6streams for Apache KafkaRed Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 8Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID-CWE-20
Improper Input Validation
CVE-2024-3884
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.26% / 65.92%
||
7 Day CHG+0.05%
Published-03 Dec, 2025 | 18:40
Updated-08 Jun, 2026 | 09:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows unauthorized users to cause a remote denial of service (DoS) attack.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Data Grid 8Red Hat build of QuarkusRed Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat Build of KeycloakRed Hat JBoss Enterprise Application Platform 8.1 for RHEL 9Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8Red Hat Single Sign-On 7Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7Red Hat build of OptaPlanner 8Red Hat build of Apache Camel for Spring Boot 4Red Hat build of Apicurio Registry 2Red Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel - HawtIO 4Red Hat Integration Camel K 1Red Hat Process Automation 7Red Hat JBoss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7Red Hat Fuse 7streams for Apache KafkaRed Hat Integration Camel Quarkus 2Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7OpenShift ServerlessRed Hat JBoss Enterprise Application Platform 7Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat build of Apache Camel 4 for Quarkus 3Red Hat JBoss Enterprise Application Platform 8.0Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8Red Hat JBoss Fuse Service Works 6Red Hat JBoss Enterprise Application Platform 8.1
CWE ID-CWE-20
Improper Input Validation
CVE-2026-54297
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.09%
||
7 Day CHG+0.11%
Published-24 Jun, 2026 | 15:50
Updated-30 Jun, 2026 | 12:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nesting depth. A crafted query string causes Faraday to build a deeply nested Ruby Hash structure. The internal dehash routine then recursively walks this attacker-controlled structure without a depth limit. At sufficient depth, Ruby raises an uncaught SystemStackError (stack level too deep), crashing the calling thread or worker. This can lead to denial of service in applications that pass attacker-controlled query strings to Faraday's nested query parsing or URL-building paths. This vulnerability is fixed in 1.10.6 and 2.14.3.

Action-Not Available
Vendor-faraday_projectlostislandRed Hat, Inc.
Product-faradayfaradayRed Hat 3scale API Management Platform 2Red Hat Satellite 6
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-3657
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.26% / 65.93%
||
7 Day CHG~0.00%
Published-28 May, 2024 | 12:53
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
389-ds-base: potential denial of service via specially crafted kerberos as-req request

A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Directory Server 11.7 for RHEL 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Directory Server 12.4 for RHEL 9Red Hat Directory Server 11.9 for RHEL 8Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Directory Server 11.8 for RHEL 8Red Hat Directory Server 12.2 EUS for RHEL 9Red Hat Enterprise Linux 7Red Hat Directory Server 11.5 E4S for RHEL 8Red Hat Enterprise Linux 8
CWE ID-CWE-20
Improper Input Validation
CVE-2024-3653
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.87% / 76.74%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 21:21
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: learningpushhandler can lead to remote memory dos attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Integration Camel Quarkus 2Red Hat build of QuarkusRed Hat JBoss Fuse Service Works 6Red Hat Data Grid 8Red Hat build of Apicurio Registry 2Red Hat Single Sign-On 7streams for Apache KafkaRed Hat Integration Camel K 1Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apache Camel for Spring Boot 4Red Hat Fuse 7Red Hat build of Quarkus 3.8.6.redhatRed Hat JBoss Enterprise Application Platform 7Red Hat Process Automation 7Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 8Red Hat Build of KeycloakRed Hat build of Apache Camel 4 for Quarkus 3OpenShift ServerlessRed Hat build of OptaPlanner 8
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-32661
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.22% / 65.13%
||
7 Day CHG~0.00%
Published-23 Apr, 2024 | 20:05
Updated-03 Nov, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeRDP rdp_write_logon_info_v1 NULL access

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Action-Not Available
Vendor-FreeRDPFedora Project
Product-fedorafreerdpFreeRDPfreerdp
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-32660
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.18% / 63.85%
||
7 Day CHG~0.00%
Published-23 Apr, 2024 | 20:03
Updated-03 Nov, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeRDP zgfx_decompress out of memory vulnerability

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Action-Not Available
Vendor-FreeRDPFedora Project
Product-fedorafreerdpFreeRDPfreerdp
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-1635
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-4.57% / 90.46%
||
7 Day CHG~0.00%
Published-19 Feb, 2024 | 21:23
Updated-10 Jun, 2026 | 08:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.

Action-Not Available
Vendor-Red Hat, Inc.NetApp, Inc.
Product-openshift_container_platform_for_powerintegration_camel_for_spring_bootsingle_sign-ononcommand_workflow_automationactive_iq_unified_manageropenshift_container_platformfuseopenshift_container_platform_for_linuxonejboss_enterprise_application_platformRHEL-8 based Middleware ContainersRed Hat JBoss Enterprise Application Platform 8Red Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel 4.4.1 for Spring Boot 3.2Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9OpenShift ServerlessRed Hat build of QuarkusRed Hat Integration Camel Quarkus 2Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat Single Sign-On 7.6 for RHEL 7Red Hat build of Apache Camel for Spring Boot 4streams for Apache KafkaRed Hat Single Sign-On 7.6 for RHEL 9Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7Red Hat build of OptaPlanner 8Red Hat JBoss Data Grid 7RHSSO 7.6.8Red Hat Build of KeycloakRed Hat JBoss Enterprise Application PlatformRed Hat build of Apache Camel 4 for Quarkus 3Red Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7Red Hat Integration Camel K 1Red Hat build of Apicurio Registry 2Red Hat Data Grid 8Red Hat Fuse 7.13.0Red Hat JBoss Fuse Service Works 6Red Hat Single Sign-On 7.6 for RHEL 8
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-1722
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.7||LOW
EPSS-0.77% / 51.14%
||
7 Day CHG~0.00%
Published-27 Feb, 2024 | 17:39
Updated-21 Nov, 2025 | 06:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak-core: dos via account lockout

A flaw was found in Keycloak. In certain conditions, this issue may allow a remote unauthenticated attacker to block other accounts from logging in.

Action-Not Available
Vendor-Red Hat, Inc.
Product-keycloakRed Hat Single Sign-On 7Red Hat Build of Keycloak
CWE ID-CWE-645
Overly Restrictive Account Lockout Mechanism
CVE-2026-5201
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.07% / 60.72%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 08:32
Updated-30 Jun, 2026 | 12:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.
Product-enterprise_linux_server_ausgdk-pixbufenterprise_linux_server_tusenterprise_linuxRed Hat AI Inference Server 3.2Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat AI Inference Server 3.3Red Hat Enterprise Linux BaseOS AUS (v.8.6)Red Hat Enterprise Linux CRB (v. 8)Red Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux BaseOS E4S (v.8.6)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat AI Inference Server 3.2Red Hat Enterprise Linux BaseOS E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux BaseOS AUS (v. 8.2)Red Hat Enterprise Linux 10Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux Server Optional (v. 7 ELS)Red Hat Enterprise Linux BaseOS AUS (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux BaseOS (v. 8)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 9Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux BaseOS TUS (v.8.8)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream AUS (v. 8.2)Red Hat Enterprise Linux BaseOS TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)Red Hat AI Inference Server 3.3
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-2002
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.09% / 61.28%
||
7 Day CHG~0.00%
Published-18 Mar, 2024 | 12:26
Updated-20 Nov, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libdwarf: crashes randomly on fuzzed object

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8
CWE ID-CWE-415
Double Free
CVE-2024-1726
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.72% / 49.43%
||
7 Day CHG~0.00%
Published-25 Apr, 2024 | 16:29
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Quarkus: security checks for some inherited endpoints performed after serialization in resteasy reactive may trigger a denial of service

A flaw was discovered in the RESTEasy Reactive implementation in Quarkus. Due to security checks for some JAX-RS endpoints being performed after serialization, more processing resources are consumed while the HTTP request is checked. In certain configurations, if an attacker has knowledge of any POST, PUT, or PATCH request paths, they can potentially identify vulnerable endpoints and trigger excessive resource usage as the endpoints process the requests. This can result in a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat build of Quarkus 3.2.11.FinalRed Hat build of Quarkus
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2024-1481
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.11% / 61.91%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 20:39
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Freeipa: specially crafted http requests potentially lead to denial of service

A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8
CWE ID-CWE-20
Improper Input Validation
CVE-2024-1394
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.53% / 71.75%
||
7 Day CHG~0.00%
Published-21 Mar, 2024 | 12:16
Updated-23 Apr, 2026 | 01:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenStack Platform 17.1OpenShift PipelinesRed Hat OpenShift Container Platform 4.14Red Hat Openshift Container Storage 4Red Hat Certification Program for Red Hat Enterprise Linux 9Red Hat OpenStack Platform 18.0Red Hat OpenStack Platform 17.1 for RHEL 8Red Hat OpenShift Container Platform 4Red Hat OpenShift Container Platform 4.15Red Hat Storage 3OpenShift ServerlessRHODF-4.16-RHEL-9Red Hat OpenShift Virtualization 4Red Hat OpenShift on AWSOpenShift Developer Tools and ServicesRed Hat Enterprise Linux 9Red Hat OpenShift Container Platform 4.13Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat OpenStack Platform 16.2Red Hat Ansible Automation Platform 2.4 for RHEL 9Red Hat OpenShift GitOpsRed Hat OpenStack Platform 17.1 for RHEL 9Red Hat Service Interconnect 1Red Hat Ansible Automation Platform 1.2Red Hat Developer ToolsRed Hat OpenShift Dev SpacesRed Hat Certification for Red Hat Enterprise Linux 8Red Hat Software CollectionsRed Hat OpenStack Platform 16.1Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 8Red Hat OpenShift Container Platform 4.12NBDE Tang ServerRed Hat Enterprise Linux 7Red Hat Ansible Automation Platform 2.4 for RHEL 8
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-5172
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.3||HIGH
EPSS-0.93% / 56.37%
||
7 Day CHG+0.29%
Published-11 May, 2026 | 16:48
Updated-30 Jun, 2026 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-5172

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

Action-Not Available
Vendor-dnsmasqRed Hat, Inc.
Product-dnsmasqRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-50589
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.43% / 34.78%
||
7 Day CHG+0.08%
Published-04 Jun, 2026 | 23:59
Updated-30 Jun, 2026 | 12:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash.

Action-Not Available
Vendor-Red Hat, Inc.OpenStack
Product-ironicIronicRed Hat OpenStack Platform 17.1Red Hat OpenStack Platform 16.2Red Hat OpenShift Container Platform 4Red Hat OpenStack Platform 18.0
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-49975
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-11.47% / 95.48%
||
7 Day CHG+1.62%
Published-08 Jun, 2026 | 15:26
Updated-30 Jun, 2026 | 03:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_http2 denial of service

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.

Action-Not Available
Vendor-F5, Inc.The Apache Software FoundationDebian GNU/LinuxRed Hat, Inc.
Product-http_serverdebian_linuxApache HTTP ServerRed Hat JBoss Web Server 5Red Hat JBoss Core Services on RHEL 7 ServerRed Hat JBoss Core Services on RHEL 8Red Hat Enterprise Linux AppStream (v. 9)Red Hat Hardened ImagesRed Hat JBoss Core ServicesRed Hat JBoss Core Services 2.4.62.SP4Red Hat OpenShift Service Mesh 2.6Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux AppStream (v. 10)
CWE ID-CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 14
  • 15
  • Next
Details not found