← Back

Redhat

redhat

5,678 CVEs • 537 products

Products (537)

Click to collapse
Toggle
Enterprise Linux Desktop
enterprise_linux_desktop
1,928 CVEs
Enterprise Linux Server
enterprise_linux_server
1,891 CVEs
Enterprise Linux Workstation
enterprise_linux_workstation
1,845 CVEs
Enterprise Linux
enterprise_linux
1,806 CVEs
Enterprise Linux Server Aus
enterprise_linux_server_aus
1,058 CVEs
Enterprise Linux Eus
enterprise_linux_eus
779 CVEs
Enterprise Linux Server Tus
enterprise_linux_server_tus
767 CVEs
Enterprise Linux Server Eus
enterprise_linux_server_eus
622 CVEs
Openshift Container Platform
openshift_container_platform
304 CVEs
Jboss Enterprise Application Platform
jboss_enterprise_application_platform
243 CVEs
Linux
linux
229 CVEs
Satellite
satellite
225 CVEs
Openstack
openstack
210 CVEs
Enterprise Linux Hpc Node
enterprise_linux_hpc_node
146 CVEs
Openshift
openshift
146 CVEs
Software Collections
software_collections
136 CVEs
Virtualization
virtualization
128 CVEs
Enterprise Linux For Ibm Z Systems
enterprise_linux_for_ibm_z_systems
113 CVEs
Single Sign On
single_sign_on
112 CVEs
Enterprise Linux For Power Little Endian
enterprise_linux_for_power_little_endian
107 CVEs
Keycloak
keycloak
98 CVEs
Enterprise Linux For Power Little Endian Eus
enterprise_linux_for_power_little_endian_eus
94 CVEs
Enterprise Linux For Ibm Z Systems Eus
enterprise_linux_for_ibm_z_systems_eus
88 CVEs
Enterprise Linux Workstation Supplementary
enterprise_linux_workstation_supplementary
86 CVEs
Enterprise Linux Desktop Supplementary
enterprise_linux_desktop_supplementary
84 CVEs
Enterprise Linux Server Supplementary
enterprise_linux_server_supplementary
84 CVEs
Virtualization Host
virtualization_host
84 CVEs
Enterprise Linux Server Supplementary Eus
enterprise_linux_server_supplementary_eus
83 CVEs
Enterprise Linux Hpc Node Eus
enterprise_linux_hpc_node_eus
81 CVEs
Fedora Core
fedora_core
77 CVEs
Enterprise Mrg
enterprise_mrg
73 CVEs
Libvirt
libvirt
73 CVEs
Enterprise Linux For Scientific Computing
enterprise_linux_for_scientific_computing
71 CVEs
Linux Advanced Workstation
linux_advanced_workstation
65 CVEs
Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
64 CVEs
Ansible Tower
ansible_tower
64 CVEs
Build Of Keycloak
build_of_keycloak
55 CVEs
Cloudforms
cloudforms
48 CVEs
Enterprise Linux For Arm 64
enterprise_linux_for_arm_64
46 CVEs
Enterprise Linux For Power Big Endian
enterprise_linux_for_power_big_endian
45 CVEs
Ansible
ansible
45 CVEs
Ceph Storage
ceph_storage
45 CVEs
Enterprise Linux Aus
enterprise_linux_aus
44 CVEs
Linux Desktop
linux_desktop
44 CVEs
Linux Server
linux_server
44 CVEs
Linux Workstation
linux_workstation
44 CVEs
Enterprise Linux Server Update Services For Sap Solutions
enterprise_linux_server_update_services_for_sap_solutions
43 CVEs
Enterprise Linux For Real Time
enterprise_linux_for_real_time
43 CVEs
Cloudforms Management Engine
cloudforms_management_engine
42 CVEs
Jboss Fuse
jboss_fuse
42 CVEs
Codeready Linux Builder
codeready_linux_builder
42 CVEs
Undertow
undertow
40 CVEs
Openstack Platform
openstack_platform
39 CVEs
Enterprise Linux For Real Time For Nfv
enterprise_linux_for_real_time_for_nfv
37 CVEs
Enterprise Linux For Arm 64 Eus
enterprise_linux_for_arm_64_eus
37 CVEs
Enterprise Virtualization
enterprise_virtualization
36 CVEs
Jboss Enterprise Web Server
jboss_enterprise_web_server
35 CVEs
Directory Server
directory_server
34 CVEs
Jboss Core Services
jboss_core_services
33 CVEs
Openshift Application Runtimes
openshift_application_runtimes
33 CVEs
Storage
storage
31 CVEs
Quay
quay
31 CVEs
Fuse
fuse
29 CVEs
Gluster Storage
gluster_storage
25 CVEs
Jboss Data Grid
jboss_data_grid
25 CVEs
Ansible Engine
ansible_engine
25 CVEs
Enterprise Linux Update Services For Sap Solutions
enterprise_linux_update_services_for_sap_solutions
25 CVEs
Jboss Operations Network
jboss_operations_network
24 CVEs
Process Automation
process_automation
24 CVEs
Ansible Automation Platform
ansible_automation_platform
24 CVEs
Hardened Images
hardened_images
24 CVEs
Jboss Enterprise Brms Platform
jboss_enterprise_brms_platform
23 CVEs
Openshift Container Platform For Power
openshift_container_platform_for_power
23 CVEs
Jboss Enterprise Portal Platform
jboss_enterprise_portal_platform
22 CVEs
Enterprise Linux For Real Time For Nfv Tus
enterprise_linux_for_real_time_for_nfv_tus
22 CVEs
Jboss Enterprise Web Platform
jboss_enterprise_web_platform
21 CVEs
Data Grid
data_grid
21 CVEs
Enterprise Linux For Real Time Tus
enterprise_linux_for_real_time_tus
21 CVEs
Openshift Service Mesh
openshift_service_mesh
21 CVEs
Build Of Quarkus
build_of_quarkus
21 CVEs
Enterprise Linux For Power Big Endian Eus
enterprise_linux_for_power_big_endian_eus
20 CVEs
Enterprise Linux Tus
enterprise_linux_tus
20 CVEs
Decision Manager
decision_manager
20 CVEs
Codeready Linux Builder Eus
codeready_linux_builder_eus
20 CVEs
Integration Camel K
integration_camel_k
20 CVEs
Enterprise Virtualization Manager
enterprise_virtualization_manager
19 CVEs
Certificate System
certificate_system
18 CVEs
Resteasy
resteasy
18 CVEs
Jboss Bpm Suite
jboss_bpm_suite
18 CVEs
Wildfly
wildfly
18 CVEs
Codeready Linux Builder For Arm64 Eus
codeready_linux_builder_for_arm64_eus
18 CVEs
Codeready Linux Builder For Ibm Z Systems Eus
codeready_linux_builder_for_ibm_z_systems_eus
18 CVEs
Jboss Enterprise Soa Platform
jboss_enterprise_soa_platform
17 CVEs
Jboss A Mq
jboss_a-mq
17 CVEs
Ceph
ceph
17 CVEs
389 Directory Server
389_directory_server
17 CVEs
Codeready Linux Builder For Power Little Endian Eus
codeready_linux_builder_for_power_little_endian_eus
17 CVEs
Openshift Container Platform For Linuxone
openshift_container_platform_for_linuxone
17 CVEs
Jboss Enterprise Application Platform Expansion Pack
jboss_enterprise_application_platform_expansion_pack
17 CVEs
Codeready Linux Builder For Ibm Z Systems
codeready_linux_builder_for_ibm_z_systems
16 CVEs

CVEs (5,678)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-0351
4Adobe
OpensuseRedhat+1 more
8Enterprise Linux Desktop Supplementary
Enterprise Linux Server SupplementaryEnterprise Linux Server Supplementary Eus+5 more
May 6, 2026
Apr 14, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified...Show more
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0358, and CVE-2015-3039.Show less
CVE-2015-0350
4Adobe
OpensuseRedhat+1 more
8Enterprise Linux Desktop Supplementary
Enterprise Linux Server SupplementaryEnterprise Linux Server Supplementary Eus+5 more
May 6, 2026
Apr 14, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption...Show more
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.Show less
CVE-2015-0349
4Adobe
OpensuseRedhat+1 more
8Enterprise Linux Desktop Supplementary
Enterprise Linux Server SupplementaryEnterprise Linux Server Supplementary Eus+5 more
May 6, 2026
Apr 14, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified...Show more
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-2015-3039.Show less
CVE-2015-0348
4Adobe
OpensuseRedhat+1 more
8Enterprise Linux Desktop Supplementary
Enterprise Linux Server SupplementaryEnterprise Linux Server Supplementary Eus+5 more
May 6, 2026
Apr 14, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors.
CVE-2015-0347
4Adobe
OpensuseRedhat+1 more
8Enterprise Linux Desktop Supplementary
Enterprise Linux Server SupplementaryEnterprise Linux Server Supplementary Eus+5 more
May 6, 2026
Apr 14, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption...Show more
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.Show less
CVE-2015-0346
4Adobe
OpensuseRedhat+1 more
8Enterprise Linux Desktop Supplementary
Enterprise Linux Server SupplementaryEnterprise Linux Server Supplementary Eus+5 more
May 6, 2026
Apr 14, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified ve...Show more
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359.Show less
CVE-2015-2775
4Canonical
DebianGnu+1 more
4Debian Linux
Enterprise LinuxMailman+1 more
May 6, 2026
Apr 13, 2015
N/A· v4
N/A· v3
7.6 HIGH· v2
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
CVE-2015-1842
1Redhat
1Openstack
May 6, 2026
Apr 10, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspe...Show more
The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspecified vectors.Show less
CVE-2015-0251
5Apache
AppleOpensuse+2 more
9Enterprise Linux Desktop
Enterprise Linux Hpc NodeEnterprise Linux Server+6 more
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
CVE-2015-0248
5Apache
AppleOpensuse+2 more
9Enterprise Linux Desktop
Enterprise Linux Hpc NodeEnterprise Linux Server+6 more
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combination...Show more
The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.Show less
CVE-2015-1843
1Redhat
1Docker
May 6, 2026
Apr 6, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks...Show more
The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. NOTE: this vulnerability exists because of a CVE-2014-5277 regression.Show less
CVE-2015-2808
9Canonical
DebianFujitsu+6 more
619700 Firmware
Cognos Metrics ManagerCommunications Application Session Controller+58 more
May 28, 2026
Apr 1, 2015
N/A· v4
3.7 LOW· v3
5.0 MEDIUM· v2
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recover...Show more
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.Show less
CVE-2015-0283
1Redhat
1Slapi Nis
May 6, 2026
Mar 30, 2015
N/A· v4
N/A· v3
7.8 HIGH· v2
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1...Show more
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number of groups.Show less
CVE-2015-2787
4Apple
OpensusePhp+1 more
9Enterprise Linux Desktop
Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more
May 6, 2026
Mar 30, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via...Show more
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.Show less
CVE-2015-2348
4Apple
OpensusePhp+1 more
9Enterprise Linux Desktop
Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more
May 6, 2026
Mar 30, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attac...Show more
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.Show less
CVE-2015-2301
6Apple
CanonicalDebian+3 more
11Debian Linux
Enterprise Linux DesktopEnterprise Linux Hpc Node+8 more
May 6, 2026
Mar 30, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact...Show more
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.Show less
CVE-2015-0279
1Redhat
1Richfaces
May 6, 2026
Mar 26, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.
CVE-2015-0250
3Apache
CanonicalRedhat
3Batik
Jboss Enterprise Brms PlatformUbuntu Linux
May 6, 2026
Mar 24, 2015
N/A· v4
N/A· v3
6.4 MEDIUM· v2
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG f...Show more
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.Show less
CVE-2014-8169
3Automount Project
OpensuseRedhat
6Automount
Enterprise Linux DesktopEnterprise Linux Hpc Node+3 more
May 6, 2026
Mar 18, 2015
N/A· v4
N/A· v3
4.4 MEDIUM· v2
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows lo...Show more
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.Show less
CVE-2015-0271
1Redhat
1Openstack
May 6, 2026
Mar 10, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.