← Back

Redhat

redhat

5,653 CVEs • 533 products

Products (533)

Click to collapse
Toggle
Enterprise Linux Desktop
enterprise_linux_desktop
1,928 CVEs
Enterprise Linux Server
enterprise_linux_server
1,891 CVEs
Enterprise Linux Workstation
enterprise_linux_workstation
1,845 CVEs
Enterprise Linux
enterprise_linux
1,788 CVEs
Enterprise Linux Server Aus
enterprise_linux_server_aus
1,058 CVEs
Enterprise Linux Eus
enterprise_linux_eus
779 CVEs
Enterprise Linux Server Tus
enterprise_linux_server_tus
767 CVEs
Enterprise Linux Server Eus
enterprise_linux_server_eus
622 CVEs
Openshift Container Platform
openshift_container_platform
297 CVEs
Jboss Enterprise Application Platform
jboss_enterprise_application_platform
243 CVEs
Linux
linux
229 CVEs
Satellite
satellite
225 CVEs
Openstack
openstack
210 CVEs
Enterprise Linux Hpc Node
enterprise_linux_hpc_node
146 CVEs
Openshift
openshift
146 CVEs
Software Collections
software_collections
136 CVEs
Virtualization
virtualization
128 CVEs
Enterprise Linux For Ibm Z Systems
enterprise_linux_for_ibm_z_systems
112 CVEs
Single Sign On
single_sign_on
112 CVEs
Enterprise Linux For Power Little Endian
enterprise_linux_for_power_little_endian
106 CVEs
Keycloak
keycloak
98 CVEs
Enterprise Linux For Power Little Endian Eus
enterprise_linux_for_power_little_endian_eus
93 CVEs
Enterprise Linux For Ibm Z Systems Eus
enterprise_linux_for_ibm_z_systems_eus
87 CVEs
Enterprise Linux Workstation Supplementary
enterprise_linux_workstation_supplementary
86 CVEs
Enterprise Linux Desktop Supplementary
enterprise_linux_desktop_supplementary
84 CVEs
Enterprise Linux Server Supplementary
enterprise_linux_server_supplementary
84 CVEs
Virtualization Host
virtualization_host
84 CVEs
Enterprise Linux Server Supplementary Eus
enterprise_linux_server_supplementary_eus
83 CVEs
Enterprise Linux Hpc Node Eus
enterprise_linux_hpc_node_eus
81 CVEs
Fedora Core
fedora_core
77 CVEs
Enterprise Mrg
enterprise_mrg
73 CVEs
Libvirt
libvirt
73 CVEs
Enterprise Linux For Scientific Computing
enterprise_linux_for_scientific_computing
71 CVEs
Linux Advanced Workstation
linux_advanced_workstation
65 CVEs
Ansible Tower
ansible_tower
64 CVEs
Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
63 CVEs
Build Of Keycloak
build_of_keycloak
55 CVEs
Cloudforms
cloudforms
48 CVEs
Enterprise Linux For Arm 64
enterprise_linux_for_arm_64
46 CVEs
Enterprise Linux For Power Big Endian
enterprise_linux_for_power_big_endian
45 CVEs
Ansible
ansible
45 CVEs
Ceph Storage
ceph_storage
45 CVEs
Enterprise Linux Aus
enterprise_linux_aus
44 CVEs
Linux Desktop
linux_desktop
44 CVEs
Linux Server
linux_server
44 CVEs
Linux Workstation
linux_workstation
44 CVEs
Enterprise Linux Server Update Services For Sap Solutions
enterprise_linux_server_update_services_for_sap_solutions
43 CVEs
Enterprise Linux For Real Time
enterprise_linux_for_real_time
43 CVEs
Cloudforms Management Engine
cloudforms_management_engine
42 CVEs
Jboss Fuse
jboss_fuse
42 CVEs
Codeready Linux Builder
codeready_linux_builder
41 CVEs
Undertow
undertow
40 CVEs
Openstack Platform
openstack_platform
39 CVEs
Enterprise Linux For Real Time For Nfv
enterprise_linux_for_real_time_for_nfv
37 CVEs
Enterprise Linux For Arm 64 Eus
enterprise_linux_for_arm_64_eus
37 CVEs
Enterprise Virtualization
enterprise_virtualization
36 CVEs
Jboss Enterprise Web Server
jboss_enterprise_web_server
35 CVEs
Jboss Core Services
jboss_core_services
33 CVEs
Openshift Application Runtimes
openshift_application_runtimes
33 CVEs
Storage
storage
31 CVEs
Quay
quay
31 CVEs
Fuse
fuse
28 CVEs
Directory Server
directory_server
27 CVEs
Gluster Storage
gluster_storage
25 CVEs
Jboss Data Grid
jboss_data_grid
25 CVEs
Ansible Engine
ansible_engine
25 CVEs
Enterprise Linux Update Services For Sap Solutions
enterprise_linux_update_services_for_sap_solutions
25 CVEs
Jboss Operations Network
jboss_operations_network
24 CVEs
Process Automation
process_automation
24 CVEs
Ansible Automation Platform
ansible_automation_platform
24 CVEs
Jboss Enterprise Brms Platform
jboss_enterprise_brms_platform
23 CVEs
Openshift Container Platform For Power
openshift_container_platform_for_power
23 CVEs
Hardened Images
hardened_images
23 CVEs
Jboss Enterprise Portal Platform
jboss_enterprise_portal_platform
22 CVEs
Enterprise Linux For Real Time For Nfv Tus
enterprise_linux_for_real_time_for_nfv_tus
22 CVEs
Jboss Enterprise Web Platform
jboss_enterprise_web_platform
21 CVEs
Data Grid
data_grid
21 CVEs
Enterprise Linux For Real Time Tus
enterprise_linux_for_real_time_tus
21 CVEs
Openshift Service Mesh
openshift_service_mesh
21 CVEs
Build Of Quarkus
build_of_quarkus
21 CVEs
Enterprise Linux For Power Big Endian Eus
enterprise_linux_for_power_big_endian_eus
20 CVEs
Enterprise Linux Tus
enterprise_linux_tus
20 CVEs
Decision Manager
decision_manager
20 CVEs
Codeready Linux Builder Eus
codeready_linux_builder_eus
20 CVEs
Integration Camel K
integration_camel_k
20 CVEs
Enterprise Virtualization Manager
enterprise_virtualization_manager
19 CVEs
Certificate System
certificate_system
18 CVEs
Resteasy
resteasy
18 CVEs
Jboss Bpm Suite
jboss_bpm_suite
18 CVEs
Wildfly
wildfly
18 CVEs
Codeready Linux Builder For Arm64 Eus
codeready_linux_builder_for_arm64_eus
18 CVEs
Codeready Linux Builder For Ibm Z Systems Eus
codeready_linux_builder_for_ibm_z_systems_eus
18 CVEs
Jboss Enterprise Soa Platform
jboss_enterprise_soa_platform
17 CVEs
Jboss A Mq
jboss_a-mq
17 CVEs
Ceph
ceph
17 CVEs
Codeready Linux Builder For Power Little Endian Eus
codeready_linux_builder_for_power_little_endian_eus
17 CVEs
Openshift Container Platform For Linuxone
openshift_container_platform_for_linuxone
17 CVEs
Jboss Enterprise Application Platform Expansion Pack
jboss_enterprise_application_platform_expansion_pack
17 CVEs
Codeready Linux Builder For Ibm Z Systems
codeready_linux_builder_for_ibm_z_systems
16 CVEs
Codeready Linux Builder For Power Little Endian
codeready_linux_builder_for_power_little_endian
16 CVEs

CVEs (5,653)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-46846
2Redhat
Squid Cache
8Enterprise Linux
Enterprise Linux EusEnterprise Linux For Arm 64+5 more
Dec 18, 2024
Nov 3, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-38473
2Avahi
Redhat
2Avahi
Enterprise Linux
Nov 3, 2025
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
CVE-2022-4900
2Php
Redhat
3Enterprise Linux
PhpSoftware Collections
Nov 3, 2025
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
CVE-2023-38472
2Avahi
Redhat
2Avahi
Enterprise Linux
Nov 3, 2025
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.
CVE-2023-38471
2Avahi
Redhat
2Avahi
Enterprise Linux
Nov 3, 2025
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
CVE-2023-38470
2Avahi
Redhat
2Avahi
Enterprise Linux
Nov 3, 2025
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
CVE-2023-38469
2Avahi
Redhat
2Avahi
Enterprise Linux
Nov 3, 2025
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.
CVE-2023-3164
2Libtiff
Redhat
2Enterprise Linux
Libtiff
Nov 21, 2024
Nov 2, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.
CVE-2023-5408
1Redhat
1Openshift Container Platform
Nov 21, 2024
Nov 2, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane an...Show more
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.Show less
CVE-2023-1192
2Linux
Redhat
2Enterprise Linux
Linux Kernel
Nov 21, 2024
Nov 1, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the syst...Show more
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.Show less
CVE-2023-5178
3Linux
NetappRedhat
5Active Iq Unified Manager
Enterprise LinuxLinux Kernel+2 more
Mar 24, 2026
Nov 1, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-a...Show more
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.Show less
CVE-2023-3972
1Redhat
19Enterprise Linux
Enterprise Linux AusEnterprise Linux Desktop+16 more
Nov 21, 2024
Nov 1, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insig...Show more
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).Show less
CVE-2023-5625
1Redhat
5Openshift Container Platform For Arm64
Openshift Container Platform For LinuxoneOpenshift Container Platform For Power+2 more
Dec 6, 2024
Nov 1, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.
CVE-2023-5574
2Redhat
X.org
2Enterprise Linux
X Server
Nov 21, 2024
Oct 25, 2023
N/A· v4
7.0 HIGH· v3
N/A· v2
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the po...Show more
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service.Show less
CVE-2023-5380
4Debian
FedoraprojectRedhat+1 more
5Debian Linux
Enterprise LinuxFedora+2 more
Nov 4, 2025
Oct 25, 2023
N/A· v4
4.7 MEDIUM· v3
N/A· v2
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the poin...Show more
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.Show less
CVE-2023-5367
4Debian
FedoraprojectRedhat+1 more
12Debian Linux
Enterprise LinuxEnterprise Linux Desktop+9 more
Nov 4, 2025
Oct 25, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproper...Show more
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.Show less
CVE-2023-4693
2Gnu
Redhat
2Enterprise Linux
Grub2
Nov 4, 2025
Oct 25, 2023
N/A· v4
4.6 MEDIUM· v3
N/A· v2
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A succe...Show more
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.Show less
CVE-2023-4692
2Gnu
Redhat
2Enterprise Linux
Grub2
Nov 4, 2025
Oct 25, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumst...Show more
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.Show less
CVE-2023-5633
2Linux
Redhat
22Codeready Linux Builder
Codeready Linux Builder EusCodeready Linux Builder For Arm64+19 more
Feb 25, 2026
Oct 23, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running insi...Show more
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.Show less
CVE-2023-5557
2Gnome
Redhat
2Enterprise Linux
Tracker Miners
Nov 21, 2024
Oct 13, 2023
N/A· v4
7.7 HIGH· v3
N/A· v2
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vuln...Show more
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.Show less