Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Eus
Subscriptions
Total
3011 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-5953 | 1 Redhat | 6 Directory Server, Directory Server E4s, Directory Server Eus and 3 more | 2025-09-12 | 5.7 Medium |
| A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. | ||||
| CVE-2024-1062 | 2 Fedoraproject, Redhat | 16 Fedora, 389 Directory Server, Directory Server and 13 more | 2025-09-12 | 5.5 Medium |
| A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. | ||||
| CVE-2024-2199 | 1 Redhat | 4 Directory Server, Directory Server E4s, Enterprise Linux and 1 more | 2025-09-12 | 5.7 Medium |
| A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. | ||||
| CVE-2023-5455 | 3 Fedoraproject, Freeipa, Redhat | 25 Fedora, Freeipa, Codeready Linux Builder and 22 more | 2025-09-12 | 6.5 Medium |
| A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt. | ||||
| CVE-2024-3657 | 1 Redhat | 5 Directory Server, Directory Server E4s, Directory Server Eus and 2 more | 2025-09-12 | 7.5 High |
| A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service | ||||
| CVE-2024-2698 | 2 Freeipa, Redhat | 4 Freeipa, Enterprise Linux, Enterprise Linux Eus and 1 more | 2025-09-12 | 8.8 High |
| A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request. In FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule. | ||||
| CVE-2024-11218 | 1 Redhat | 7 Enterprise Linux, Openshift, Openshift Ironic and 4 more | 2025-09-12 | 8.6 High |
| A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. | ||||
| CVE-2024-1753 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhel Eus | 2025-09-12 | 8.6 High |
| A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. | ||||
| CVE-2023-46848 | 2 Redhat, Squid-cache | 6 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 3 more | 2025-09-12 | 8.6 High |
| Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | ||||
| CVE-2023-46847 | 2 Redhat, Squid-cache | 15 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 12 more | 2025-09-12 | 8.6 High |
| Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | ||||
| CVE-2023-46846 | 2 Redhat, Squid-cache | 13 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 10 more | 2025-09-12 | 9.3 Critical |
| SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. | ||||
| CVE-2023-4727 | 1 Redhat | 6 Certificate System Eus, Enterprise Linux, Rhel Aus and 3 more | 2025-09-12 | 7.5 High |
| A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege. | ||||
| CVE-2023-5824 | 2 Redhat, Squid-cache | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-09-12 | 7.5 High |
| A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service. | ||||
| CVE-2025-2487 | 1 Redhat | 4 Directory Server, Directory Server Eus, Enterprise Linux and 1 more | 2025-09-12 | 4.9 Medium |
| A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash. | ||||
| CVE-2025-6032 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhel Eus | 2025-09-12 | 8.3 High |
| A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack. | ||||
| CVE-2025-48798 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-09-12 | 7.3 High |
| A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues. | ||||
| CVE-2025-48797 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-09-12 | 7.3 High |
| A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow. | ||||
| CVE-2025-4404 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-09-12 | 9.1 Critical |
| A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration. | ||||
| CVE-2023-5870 | 2 Postgresql, Redhat | 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more | 2025-09-10 | 2.2 Low |
| A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack. | ||||
| CVE-2024-8176 | 1 Redhat | 9 Devworkspace, Discovery, Enterprise Linux and 6 more | 2025-09-10 | 7.5 High |
| A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. | ||||