Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-25 | CVE-2025-26600 | Use After Free vulnerability in multiple products A use-after-free flaw was found in X.Org and Xwayland. | 7.8 |
| 2025-02-25 | CVE-2025-26601 | Use After Free vulnerability in multiple products A use-after-free flaw was found in X.Org and Xwayland. | 7.8 |
| 2025-02-18 | CVE-2025-26465 | A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. | 6.8 |
| 2024-11-12 | CVE-2024-49394 | Improper Verification of Cryptographic Signature vulnerability in multiple products In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender. | 5.3 |
| 2024-11-12 | CVE-2024-49395 | In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. | 5.3 |
| 2024-11-12 | CVE-2024-49393 | Improper Verification of Cryptographic Signature vulnerability in multiple products In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. | 5.9 |
| 2024-11-04 | CVE-2024-51127 | Unspecified vulnerability in Redhat Hornetq An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information. | 7.1 |
| 2024-10-29 | CVE-2024-50074 | Out-of-bounds Read vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). | 7.8 |
| 2024-10-22 | CVE-2024-10234 | Unspecified vulnerability in Redhat products A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. | 7.3 |
| 2024-10-17 | CVE-2024-9683 | Improper Authentication vulnerability in Redhat Quay 3.0.0 A vulnerability was found in Quay, which allows successful authentication even when a truncated password version is provided. | 5.3 |