VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1787 advisories across 32 monitored vendors.
Use after free in Digital Credentials. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825.
Use after free in FileSystem. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825.
Use after free in Autofill. Red Hat rates this critical (CVSS 8.8). Weakness: CWE-825.
Out of bounds read in Blink>InterestGroups. Red Hat rates this critical (CVSS 8.8). Weakness: CWE-125.
Remote code execution via Zip Slip vulnerability in model download. Red Hat rates this important (CVSS 8.3). Weakness: CWE-22.
Remote code execution via malicious HTML in Playwright-based rendering. Red Hat rates this important (CVSS 8.2). Weakness: CWE-918.
Denial of Service via crafted Markdown input. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333.
Denial of Service via crafted nested query strings. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Remote Code Execution via Unsafe Deserialization in gRPC Registry Server. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502.
Arbitrary code execution outside sandbox. Red Hat rates this important (CVSS 8.5). Weakness: CWE-917.
A flaw was found in Jenkins Script Security Plugin. This vulnerability allows attackers who can provide sandboxed Groovy scripts to bypass security sandbox protections. By exploiting a failure to properly intercept implicit type casts in typed for-each loops, an attacker can invoke arbitrary constructors, potentially leading to arbitrary code execution within the Jenkins environment. The scope is unchanged (S:U) because the sandbox and the Jenkins controller share the same security authority — a sandbox escape executes code in the same context rather than crossing a trust boundary to a separate system. Red Hat severity: Important — CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Weakness: CWE-1287: Improper Validation of Specified Type of Input. Affected product named by the advisory: OpenShift Developer Tools and Services.
purge outqueue on stale COOKIE-ECHO handling. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
fix missing zerocopy reference in pskb_carve helpers. Red Hat rates this important (CVSS 7.8). Weakness: CWE-911.
fix UAF with retry loop. Red Hat rates this important (CVSS 7). Weakness: CWE-825.
handle empty bo and UAF races. Red Hat rates this important (CVSS 7). Weakness: CWE-476.
Fix WARN_ON in __iommu_group_set_domain_nofail() due to reset. Red Hat rates this important (CVSS 7). Weakness: CWE-825.
Reject wrapped offset in kvm_reset_dirty_gfn(). Red Hat rates this important (CVSS 7). Weakness: CWE-190.
af_alg - Cap AEAD AD length to 0x80000000. Red Hat rates this important (CVSS 7). Weakness: CWE-190.
Drop CLONE_THREAD requirement for private default hash alloc. Red Hat rates this important (CVSS 7). Weakness: CWE-825.
Fix error cleanup in xe_exec_queue_create_ioctl(). Red Hat rates this important (CVSS 7). Weakness: CWE-825.