VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
clear i_sends on setup unwind. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
Cookie injection allows planting cookies for unrelated domains. Red Hat rates this moderate (CVSS 4). Weakness: CWE-346.
Heap buffer overwrite via incorrect argument handling in JP2 encoder. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-787.
Denial of Service via invalid arguments to connected-components option. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-835.
Denial of Service via crafted image in MVG decoder. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-787.
Heap buffer overflow in MVG decoder allows out-of-bounds write. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-787.
Denial of Service via crafted 8BIM profile. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-825.
Information disclosure vulnerability in MNG decoder. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-908.
Information disclosure via overly permissive file permissions. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-277.
Denial of Service via integer overflow in XCF decoder. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-125.
Unauthorized file access due to missing policy checks in concatenate operation. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-1220.
Arbitrary host file read via symlink following in CRI checkpoint restore. Red Hat rates this important (CVSS 6.5). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:15862 with package syft-main-1.46.0-0.1.hum1, grype-main-0.115.0-0.1.hum1, trivy-main-0.69.3-1.2.hum1.
Arbitrary code execution via CRI checkpoint image tag poisoning. Red Hat rates this moderate (CVSS 6.7). Weakness: CWE-1289. Red Hat lists fixing advisory RHSA-2026:35111 with package trivy-main-0.72.0-0.1.hum1.
Denial of Service via maliciously crafted image leading to unbounded group parsing. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:35111 with package syft-main-1.46.0-0.1.hum1, trivy-main-0.72.0-0.1.hum1, kubernetes1-35-main-1.35.6-1.hum1, grype-main-0.115.0-0.1.hum1.
Audit device validation bypass via legacy file audit path option. Red Hat rates this moderate (CVSS 4.4). Weakness: CWE-807.
Information disclosure via malicious model archive with Virtual Dataset. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-22.
Cross-site scripting vulnerability due to improper input neutralization. Red Hat rates this moderate (CVSS 4.6). Weakness: CWE-79.
Information disclosure via improper validation of nested request parameters. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-639. Red Hat lists fixing advisory RHSA-2026:34366 with package foreman-0:3.14.0.17-1.el9sat, foreman-0:3.18.0.7-1.el9sat, foreman-0:3.12.0.17-1.el9sat, foreman-0:3.12.0.17-1.el8sat. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8.
Supply chain attack via cross-site scripting. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-79.
Heap-based buffer overflow via crafted model file. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-787.