VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1712 advisories across 32 monitored vendors.
fix UMP event stack overread. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-125.
fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison. Red Hat rates this low (CVSS 5.5). Weakness: CWE-833.
fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait(). Red Hat rates this low (CVSS 5.5).
Fix a potential NPD in cleanup_prefix_route(). Red Hat rates this low (CVSS 5.5).
validate unlabeled address and mask attribute lengths. Red Hat rates this moderate (CVSS 5.5).
fix off-by-one in multicast context address compression. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-193.
Fix NULL pointer dereference. Red Hat rates this low (CVSS 5.5).
fix leak if split 6 GHz scanning fails. Red Hat rates this low (CVSS 5.5).
Fix the ACK parser to extract the SACK table for parsing. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-125.
use kmap_local_page in netvsc_copy_to_send_buf. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-468.
fix sleep-inside-lock in __smc_setsockopt() causing local DoS. Red Hat rates this low (CVSS 5.5). Weakness: CWE-821.
don't try to setup PHY-driven SFP cages when using genphy. Red Hat rates this low (CVSS 5.5).
fix NULL dereference in get_queue_ids(). Red Hat rates this moderate (CVSS 5.5).
fix uninit-value in __sctp_rcv_asconf_lookup(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-130.
Fix global performance monitor reference counting. Red Hat rates this moderate (CVSS 5.5).
fix use-after-free on sbi->sync_decompress. Red Hat rates this moderate (CVSS 5.5).
Release nested relation on devlink free. Red Hat rates this low (CVSS 5.5). Weakness: CWE-772.
Uninitialized Use in GPU. Red Hat rates this important (CVSS 5.3). Weakness: CWE-824.
Insufficient validation of untrusted input in Navigation. Red Hat rates this important (CVSS 5.8). Weakness: CWE-1286.
Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences to read arbitrary files from the file system accessible to the process, include sensitive files in the converted document output, or potentially access configuration files, credentials, or other sensitive data This vulnerability is fixed in 2.91.0. A flaw was found in Docling, a tool for document processing. This Moderate impact flaw in Docling's LaTeX backend allows an attacker to read arbitrary files from the system. By crafting a malicious LaTeX document with path traversal sequences, an attacker could exploit this vulnerability when a user processes the document, potentially leading to the disclosure of sensitive information such as configuration files or credentials. This issue primarily affects instances where Docling is used to process untrusted LaTeX content, such as within Red Hat OpenShift AI. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N). Weakness: CWE-22. Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.