VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
4096 advisories across 32 monitored vendors.
Information Disclosure via brute-force attack on hash function. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-916.
SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files. Users are recommended to upgrade to version 1.0.0, which fixes this issue.
Denial of Service via Integer Overflow in FuzzyMatchV2 function. Red Hat rates this moderate (CVSS 5). Weakness: CWE-190.
Privilege escalation to realm administrator via improper authorization in identity provider mapper. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-266.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a message with a JMS message ID that has been crafted to contain HTML/JavaScript such that when an administrator browses the queue in the Web Console, the payload executes in their browser. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
keycloak-admin-ui:Admin UI extension brute-force-user endpoint bypasses FGAPv2 user view restrictions. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-639.
Denial of Service via crafted OpenWire Message. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-770.
Insufficient policy enforcement in Sandbox. Red Hat rates this low (CVSS 5.7). Weakness: CWE-653.
ImageMagick - Policy Bypass via Incorrect Path Validation. Red Hat rates this low (CVSS 3.3). Weakness: CWE-22.
Information disclosure due to AES-CTR nonce reuse. Red Hat rates this low (CVSS 3.7). Weakness: CWE-323.
Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-arm64: Magick.NET-Q16-x64: Magick.NET-Q16-x86: Magick.NET-Q16-HDRI-OpenMP-x64: Magick.NET-Q8-AnyCPU: Magick.NET-Q8-OpenMP-arm64: Magick.NET-Q8-OpenMP-x64: Magick.NET-Q8-arm64: Magick.NET-Q8-x64: Magick.NET-Q8-x86: ImageMagick: Denial of Service due to memory leak in PNG encoder when processing MNG images. Red Hat rates this low (CVSS 3.7). Weakness: CWE-401.
Magick.NET-Q16-arm64: Magick.NET-Q16-x86: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x86: Magick.NET-Q16-HDRI-x64: Magick.NET-Q16-HDRI-arm64: Magick.NET-Q16-HDRI-x86: Magick.NET-Q16-HDRI-OpenMP-x64: Magick.NET-Q16-HDRI-OpenMP-arm64: Magick.NET-Q8-AnyCPU: Magick.NET-Q16-AnyCPU: Magick.NET-Q16-HDRI-AnyCPU: ImageMagick: Denial of Service via memory leak in OpenCL device profile XML parsing. Red Hat rates this low (CVSS 1.9). Weakness: CWE-401.
ImageMagick - Division by Zero in Binomial Kernel Processing. Red Hat rates this low (CVSS 3.3). Weakness: CWE-190.
Heap buffer overflow via incorrect morphology parameters. Red Hat rates this low (CVSS 3.3). Weakness: CWE-125.
Information disclosure via unvalidated JSONP callback parameter. Red Hat rates this low (CVSS 3.1). Weakness: CWE-79.
Unauthorized account creation via registration function. Red Hat rates this low (CVSS 3.7). Weakness: CWE-306.
@anthropic-ai/claude-code: Claude Code: Arbitrary code execution through git directory confusion. Red Hat rates this important (CVSS 7.1). Weakness: CWE-59.
Security policy bypass due to improper Unicode hostname canonicalization. Red Hat rates this important (CVSS 7.5). Weakness: CWE-551. Red Hat lists fixing advisory RHSA-2026:37186 with package rhem/flightctl-ui-rhel9:1784127736, openshift4/ose-monitoring-plugin-rhel9:1783596795, openshift4/ose-monitoring-plugin-rhel9:1783510956, quay/quay-rhel8:1784125838.
Symlink traversal privilege escalation via libacl functions. Red Hat rates this important (CVSS 7.1). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:34351 with package acl-main-2.4.0-0.1.hum1.
Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension. Red Hat rates this important (CVSS 8.8). Weakness: CWE-88. Red Hat lists fixing advisory RHSA-2026:36820 with package devspaces/pluginregistry-rhel9:1782989367.