VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Arbitrary code execution in xmlcatalog utility via buffer overflow. Red Hat rates this moderate (CVSS 4.8). Weakness: CWE-120. Red Hat lists fixing advisory RHSA-2026:33840 with package libxml2-main-2.15.3-0.1.1.hum1.
TOCTOU Symlink Traversal via getfacl/setfacl. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-367. Red Hat lists fixing advisory RHSA-2026:34351 with package acl-main-2.4.0-0.1.hum1.
Symlink Traversal Privilege Escalation via getfattr and setfattr. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:34889 with package attr-main-2.6.0-9.1.hum1.
Arbitrary file overwrite via insecure temporary file handling in gzexe utility. Red Hat rates this moderate (CVSS 6). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:33771 with package gzip-main-1.14-2.2.hum1.
In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agp_amd64_probe() A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment (e.g. qemu/kvm) without a physical AMD northbridge. The crash occurs in amd64_fetch_size() when attempting to dereference the pointer returned by node_to_amd_nb(0). The root cause of this crash is broken error propagation in agp_amd64_probe(): When no AMD northbridges are found, cache_nbs() correctly returns -ENODEV. However, the probe function erroneously checks the return value against exactly -1, rather than < 0. As a result, the hardware absence error is masked, allowing the driver to improperly proceed with initialization. It eventually calls agp_add_bridge(), which invokes amd64_fetch_size(). Since the hardware does not exist, node_to_amd_nb(0) returns NULL, leading to a General Protection Fault (GPF) when accessing its ->misc member. Fix the issue by correcting the error check in agp_amd64_probe() to abort properly when cache_nbs() returns any negative error code. This prevents the driver from erroneously proceeding without hardware, thereby avoiding the subsequent NULL pointer dereference at its source. This vulnerability occurs in virtualized environments lacking a physical AMD northbridge.
Misleading security logs due to incorrect control flow. Red Hat rates this low (CVSS 2.3). Weakness: CWE-778. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Error condition not handled when configuring CRLs. Red Hat rates this low (CVSS 3.7). Weakness: CWE-390. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Denial of service via heap-based buffer overflow in Bitcode File Handler. Red Hat rates this low (CVSS 3.3). Weakness: CWE-805. Red Hat lists fixing advisory RHSA-2026:7634 with package llvm21-main-21.1.8-6.hum1, llvm-main-21.1.8-1.1.hum1.
Denial of Service via stack-based buffer overflow in StringMap::insert. Red Hat rates this low (CVSS 3.3). Weakness: CWE-120. Red Hat lists fixing advisory RHSA-2026:7634 with package llvm21-main-21.1.8-6.hum1, llvm-main-21.1.8-1.1.hum1.
Remote code injection vulnerability. Red Hat rates this important (CVSS 7.3). Weakness: CWE-94.
Memory corruption via crafted Photo CD (PCD) file. Red Hat rates this important (CVSS 8.1). Weakness: CWE-787.
Heap buffer overflow via integer overflow in publickey attribute allocation. Red Hat rates this moderate (CVSS 7). Weakness: CWE-787.
Memory corruption via crafted RASC video stream. Red Hat rates this important (CVSS 7.6). Weakness: CWE-787.
antlr ANTLR4: Path traversal via manipulation of getImportedVocabFile function. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-22.
A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. Such manipulation leads to missing authorization. It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been disclosed to the public and may be used. A reply to the GitHub issue explains, that "[t]he labeling schema PR has not been merged yet. The auth handlers will be added before the release." A flaw was found in MLflow. This could lead to unauthorized access or manipulation of data within the affected component. This issue primarily affects specific MLflow components within the OpenShift AI environment. Red Hat severity: Moderate — CVSS 5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L). Weakness: CWE-639. Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.
Denial of Service via crafted IPv6 response. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-125.
Denial of service or information disclosure via malformed SSH publickey response. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-824.
Denial of Service via missing host header in specific logging configurations. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476.
Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation. Red Hat rates this important (CVSS 7.5). Weakness: CWE-444.
Denial of Service via specially crafted zstd payload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.