Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Subscriptions
Total 15801 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-9150 3 Opensuse, Red Hat, Redhat 10 Libsolv, Red Hat Satellite 6, Enterprise Linux and 7 more 2026-06-29 6.5 Medium
A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.
CVE-2026-57966 1 Redhat 1 Enterprise Linux 2026-06-29 4.4 Medium
A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not properly sanitized before being used. An attacker could exploit this to write to sensitive locations with the privileges of the spice-vdagent process, typically the logged-in user. This issue requires the SPICE host to be untrusted or compromised for exploitation.
CVE-2026-57965 1 Redhat 1 Enterprise Linux 2026-06-29 5.1 Medium
A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service (DoS) for the virtual machine. This issue requires the SPICE host to be untrusted or compromised for exploitation.
CVE-2026-5419 2 Gnu, Redhat 11 Gnutls, Discovery, Enterprise Linux and 8 more 2026-06-29 3.7 Low
A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.
CVE-2025-14831 2 Red Hat, Redhat 18 Enterprise Linux, Ai Inference Server, Ceph Storage and 15 more 2026-06-29 5.3 Medium
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
CVE-2025-10911 1 Redhat 10 Enterprise Linux, Enterprise Linux Eus, Hummingbird and 7 more 2026-06-29 5.5 Medium
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
CVE-2026-10118 1 Redhat 11 Ai Inference Server, Enterprise Linux, Enterprise Linux Eus and 8 more 2026-06-27 7.8 High
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the `tilingPatternFill` function. This overflow leads to an undersized heap memory allocation, allowing a subsequent out-of-bounds write. Successful exploitation could result in arbitrary code execution, information disclosure, or denial of service within the context of the application processing the PDF.
CVE-2026-6893 1 Redhat 6 Dracut, Enterprise Linux, Hardened Images and 3 more 2026-06-27 7.5 High
A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and written into temporary shell scripts without proper escaping, leading to command injection. This allows the attacker to achieve root code execution within the initramfs, potentially compromising the system's boot and network behavior.
CVE-2026-4367 2 Libxpm Projet, Redhat 4 Libxpm, Enterprise Linux, Hardened Images and 1 more 2026-06-26 5.5 Medium
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the `xpmNextWord()` function by processing a specially crafted or very small XPM (X PixMap) image file. This improper validation of file boundaries can cause an internal pointer to read beyond the file's end, leading to application crashes and Denial of Service conditions.
CVE-2023-3640 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-06-26 7 High
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system.
CVE-2023-39328 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2026-06-26 5.5 Medium
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.
CVE-2026-52721 2 Gstreamer Project, Redhat 2 Gstreamer Plugin, Enterprise Linux 2026-06-26 5.3 Medium
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.
CVE-2026-10649 2 Clusterlabs, Redhat 4 Pacemaker, Enterprise Linux, Openshift and 1 more 2026-06-26 8.6 High
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial of service (DoS) in the CIB remote listener. This can result in the affected service crashing.
CVE-2023-4727 1 Redhat 6 Certificate System Eus, Enterprise Linux, Rhel Aus and 3 more 2026-06-26 7.5 High
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
CVE-2024-2199 1 Redhat 4 Directory Server, Directory Server E4s, Enterprise Linux and 1 more 2026-06-26 5.7 Medium
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
CVE-2025-31181 2 Gnuplot, Redhat 2 Gnuplot, Enterprise Linux 2026-06-26 6.2 Medium
A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash.
CVE-2024-49395 3 Mutt, Neomutt, Redhat 3 Mutt, Neomutt, Enterprise Linux 2026-06-26 5.3 Medium
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
CVE-2024-49394 3 Mutt, Neomutt, Redhat 3 Mutt, Neomutt, Enterprise Linux 2026-06-26 5.3 Medium
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.
CVE-2024-49393 3 Mutt, Neomutt, Redhat 3 Mutt, Neomutt, Enterprise Linux 2026-06-26 6.5 Medium
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
CVE-2024-52337 1 Redhat 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more 2026-06-26 5.5 Medium
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned's D-Bus interface for such operations.