VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
3437 advisories across 32 monitored vendors.
Misleading security logs due to incorrect control flow. Red Hat rates this low (CVSS 2.3). Weakness: CWE-778. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Error condition not handled when configuring CRLs. Red Hat rates this low (CVSS 3.7). Weakness: CWE-390. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Denial of service via heap-based buffer overflow in Bitcode File Handler. Red Hat rates this low (CVSS 3.3). Weakness: CWE-805. Red Hat lists fixing advisory RHSA-2026:7634 with package llvm21-main-21.1.8-6.hum1, llvm-main-21.1.8-1.1.hum1.
Denial of Service via stack-based buffer overflow in StringMap::insert. Red Hat rates this low (CVSS 3.3). Weakness: CWE-120. Red Hat lists fixing advisory RHSA-2026:7634 with package llvm21-main-21.1.8-6.hum1, llvm-main-21.1.8-1.1.hum1.
Remote code injection vulnerability. Red Hat rates this important (CVSS 7.3). Weakness: CWE-94.
Memory corruption via crafted Photo CD (PCD) file. Red Hat rates this important (CVSS 8.1). Weakness: CWE-787.
Heap buffer overflow via integer overflow in publickey attribute allocation. Red Hat rates this moderate (CVSS 7). Weakness: CWE-787.
Memory corruption via crafted RASC video stream. Red Hat rates this important (CVSS 7.6). Weakness: CWE-787.
antlr ANTLR4: Path traversal via manipulation of getImportedVocabFile function. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-22.
A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. Such manipulation leads to missing authorization. It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been disclosed to the public and may be used. A reply to the GitHub issue explains, that "[t]he labeling schema PR has not been merged yet. The auth handlers will be added before the release." A flaw was found in MLflow. This could lead to unauthorized access or manipulation of data within the affected component. This issue primarily affects specific MLflow components within the OpenShift AI environment. Red Hat severity: Moderate — CVSS 5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L). Weakness: CWE-639. Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.
Denial of Service via crafted IPv6 response. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-125.
Denial of service or information disclosure via malformed SSH publickey response. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-824.
Denial of Service via missing host header in specific logging configurations. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476.
Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation. Red Hat rates this important (CVSS 7.5). Weakness: CWE-444.
Denial of Service via specially crafted zstd payload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Denial of Service via deeply nested JSON objects. Red Hat rates this important (CVSS 7.5). Weakness: CWE-776.
Arbitrary file write and information disclosure via symlink validation bypass. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22.
Information disclosure via malicious container image environment variables. Red Hat rates this important (CVSS 7.5). Weakness: CWE-914. Red Hat lists fixing advisory RHSA-2026:37123 with package podman-7:5.8.2-4.el10_2, podman-6:5.8.2-4.el9_8, podman-main-6.0.0-1.hum1, container-tools:rhel8-8100020260709093628.afee755d. Affected products named by the advisory: Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 9.
Unsafe URI and Path Handling in HTML Backend. Red Hat rates this important (CVSS 7.1). Weakness: CWE-22.
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence. This vulnerability is rated Important due to the potential for remote exploitation without authentication. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Weakness: CWE-825. Red Hat lists Migration Toolkit for Applications 8; Red Hat Ansible Automation Platform 2; Red Hat build of Debezium 3; Red Hat OpenShift AI (RHOAI); Red Hat Trusted Profile Analyzer as not affected.