Export limit exceeded: 23274 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23274 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23538 | 1 Redhat | 1 Openshift Ai | 2026-03-24 | 7.5 High |
| A vulnerability was identified in the Feast Feature Server's `/ws/chat` endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU, and file descriptors—leading to a complete denial of service for legitimate users. | ||||
| CVE-2022-49267 | 1 Redhat | 1 Enterprise Linux | 2026-03-24 | 6.7 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-1247 | 1 Redhat | 2 Camel Quarkus, Quarkus | 2026-03-23 | 8.3 High |
| A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information. | ||||
| CVE-2024-27042 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2026-03-23 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-8766 | 1 Redhat | 1 Openshift Data Foundation | 2026-03-23 | 6.4 Medium |
| A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container | ||||
| CVE-2025-57849 | 1 Redhat | 2 Fuse, Jboss Fuse | 2026-03-23 | 6.4 Medium |
| A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container. | ||||
| CVE-2025-2842 | 1 Redhat | 1 Openshift Distributed Tracing | 2026-03-22 | 4.3 Medium |
| A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to grant the cluster-monitoring-view ClusterRole. This can be exploited if a user has 'create' permissions on TempoStack and 'get' permissions on Secret in a namespace (for example, a user has ClusterAdmin permissions for a specific namespace), as the user can read the token of the Tempo service account and therefore has access to see all cluster metrics. | ||||
| CVE-2025-2786 | 1 Redhat | 1 Openshift Distributed Tracing | 2026-03-22 | 4.3 Medium |
| A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview and SubjectAccessReview requests, potentially revealing information about other users' permissions. While this does not allow privilege escalation or impersonation, it exposes information that could aid in gathering information for further attacks. | ||||
| CVE-2023-53566 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2026-03-21 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] nft_add_set_elem+0x14b0/0x2990 nf_tables_newsetelem+0x528/0xb30 Furthermore, there is a possible use-after-free while iterating, 'node' can be free'd so we need to cache the next value to use. | ||||
| CVE-2025-5987 | 2 Libssh, Redhat | 6 Libssh, Enterprise Linux, Enterprise Linux Eus and 3 more | 2026-03-20 | 8.1 High |
| A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes. | ||||
| CVE-2025-2877 | 1 Redhat | 2 Ansible Automation Platform, Ansible Automation Platform Developer | 2026-03-20 | 6.5 Medium |
| A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams. | ||||
| CVE-2024-9671 | 1 Redhat | 2 3scale Api Management Platform, Red Hat 3scale Amp | 2026-03-20 | 5.3 Medium |
| A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed. | ||||
| CVE-2024-10295 | 1 Redhat | 2 3scale Api Management, Red Hat 3scale Amp | 2026-03-20 | 7.5 High |
| A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream. | ||||
| CVE-2024-7143 | 2 Pulpproject, Redhat | 6 Pulp, Ansible Automation Platform, Ansible Automation Platform Developer and 3 more | 2026-03-20 | 8.3 High |
| A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing. | ||||
| CVE-2023-6816 | 4 Debian, Fedoraproject, Redhat and 1 more | 13 Debian Linux, Fedora, Enterprise Linux and 10 more | 2026-03-19 | 9.8 Critical |
| A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used. | ||||
| CVE-2025-4945 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-03-19 | 3.7 Low |
| A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines. | ||||
| CVE-2025-6035 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2026-03-19 | 6.1 Medium |
| A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios. | ||||
| CVE-2025-11568 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-03-19 | 4.4 Medium |
| A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue. | ||||
| CVE-2025-11561 | 1 Redhat | 9 Ceph Storage, Enterprise Linux, Openshift and 6 more | 2026-03-19 | 8.8 High |
| A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | ||||
| CVE-2024-9407 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhel Eus | 2026-03-19 | 4.7 Medium |
| A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files. | ||||