VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1564 advisories across 32 monitored vendors.
Denial of Service via quadratic CPU time parsing with merge keys. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333. Red Hat lists fixing advisory RHSA-2026:34975 with package nodejs20-main-20.20.2-1.hum1, rust-main-1.96.1-1.hum1. Affected products named by the advisory: Red Hat Hardened Images; Cryostat 4; Gatekeeper 3; Migration Toolkit for Applications 8; and 48 more.
js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses a crafted ordered-map document. This issue is fixed in version 5.2.1. An attacker could exploit this by providing a specially crafted YAML ordered-map document. This could lead to excessive CPU consumption, resulting in a denial of service (DoS) for applications processing the malicious YAML input. This affects yaml.load() calls using that schema. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-770. Affected Red Hat products: Red Hat Hardened Images; Red Hat Discovery 2.
Prevent rehoming resources to nodes with different owner. Red Hat rates this important (CVSS 8.7). Weakness: CWE-1220. Affected products named by the advisory: Red Hat Enterprise Linux; Red Hat OpenShift Container Platform 4; Red Hat OpenStack Platform 16.2; Red Hat OpenStack Platform 17.1; and 1 more.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Use-after-free vulnerability during host key re-exchange on the client side. Red Hat rates this important (CVSS 7.7). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 3 more.
glamor Font Atlas Heap Buffer Overflow. Red Hat rates this important (CVSS 7.5). Weakness: CWE-805. Red Hat lists fixing advisory RHSA-2026:38486 with package xorg-x11-server-0:1.20.11-34.el9_8.3, xorg-x11-server-Xwayland-0:21.1.3-20.el8_10.3, xorg-x11-server-Xwayland-0:24.1.9-4.el9_8.3, xorg-x11-server-0:1.20.11-28.el8_10.3. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 1. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow. Red Hat rates this important (CVSS 7.3). Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
PCF Font Parsing Heap Buffer Overflow. Red Hat rates this important (CVSS 7.3). Weakness: CWE-787. Affected product named by the advisory: Red Hat Enterprise Linux.
rfbsrc/librfb Hextile heap out-of-bounds write with 16bpp framebuffer. Red Hat rates this important (CVSS 7.1). Weakness: CWE-787. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.
DTLS certificate Subject DN stack buffer overflow in openssl_verify_callback. Red Hat rates this important (CVSS 7.5). Weakness: CWE-121. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.
Heap overflow when preparsing SQL statements with excessive placeholders. Red Hat rates this important (CVSS 8.1). Weakness: CWE-131. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.
A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind with integrity protection (SSF > 0), an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer without a bounds check in sasl_io_recv() in sasl_io.c. This allows up to approximately 2 megabytes of attacker-controlled data to overflow the buffer, causing a denial of service (server crash). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, any enrolled host, or any service account can trigger this vulnerability over the network after authenticating via GSSAPI. Red Hat rates this issue as Important impact. Exploitation requires a valid SASL-authenticated LDAP session, not Directory Manager access. Any user who can bind with SASL mechanisms such as GSSAPI/Kerberos or DIGEST-MD5 can trigger the denial of service. In deployments where domain users, enrolled hosts, and service accounts routinely authenticate to the directory over Kerberos, the attack surface includes any such principal with network access to LDAP. This flaw is independent of CVE-2025-14905, which patched a separate heap overflow in schema.c and did not modify sasl_io.c. Red Hat severity: Important — CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation. Red Hat rates this important (CVSS 8.8). Weakness: CWE-1188. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; and 1 more.
A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL configurations with SELinux enforcing, this can be used to inject Kerberos configuration leading to authentication bypass. SELinux blocks writes to most security-critical paths such as /etc/cron.d/. Red Hat severity: Moderate — CVSS 8 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). Weakness: CWE-23. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat OpenShift Container Platform 4. Will not fix / out of support: Red Hat Enterprise Linux 6. Red Hat does not currently list a fixing RHSA for this CVE.
Use-after-free / double-free in query-completion handling. Red Hat rates this important (CVSS 7.5). Weakness: CWE-416. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; and 2 more.
Denial of Service via adversarial regular expression in structured outputs API. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333. Affected products named by the advisory: Red Hat AI Inference Server; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI).
Denial of Service via malformed speculative decoding workload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-125. Affected products named by the advisory: Red Hat AI Inference Server; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI).
Denial of Service via crafted BDF font file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected products named by the advisory: Exploit Intelligence; Lightspeed Core; OpenShift Lightspeed; Red Hat AI Inference Server; and 7 more.
Denial of Service via crafted GD 2.x image file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1285. Affected products named by the advisory: Exploit Intelligence; Lightspeed Core; OpenShift Lightspeed; Red Hat AI Inference Server; and 7 more.
Denial of Service via excessive memory allocation when processing font files. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1050. Affected products named by the advisory: Exploit Intelligence; Lightspeed Core; OpenShift Lightspeed; Red Hat AI Inference Server; and 7 more.