VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
4116 advisories across 32 monitored vendors.
Unauthorized access and data manipulation via missing API authorization. Red Hat rates this moderate (CVSS 5). Weakness: CWE-639.
Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6_get_data_primitive (libnetutil/netutil.cc), so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a crafted IPv6 response with a truncated extension header can trigger out-of-bounds reads and a crash during raw IPv6 scans. A flaw was found in Nmap. This can lead to an integer underflow, causing out-of-bounds reads and a denial of service (DoS) due to a crash during raw IPv6 scans. Red Hat rates this flaw as Moderate rather than the AI-assigned Important severity. The Aegis AI-Bot rated UI:N (no user interaction), but nmap is a command-line scanning tool that an operator must manually invoke — initiating a scan is user interaction per the CVSS definition of UI:R. Correcting UI:N to UI:R reduces the CVSS from 7.5 to 6.5, aligning with the upstream CVEORG assessment. Weakness: CWE-125. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat OpenShift Container Platform 4. Red Hat does not currently list a fixing RHSA for this CVE.
libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey subsystem can use a malformed response to make cleanup free an uninitialized, attacker-influenceable attrs pointer in a connecting libssh2 client. A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Moderate: This flaw in libssh2 can lead to a denial of service or information disclosure in client applications when connecting to a malicious SSH server. The vulnerability arises from improper handling of uninitialized memory during public key list processing, which an attacker can trigger with a specially crafted response. Exploitation requires active interaction with a compromised or malicious server, limiting the attack surface to untrusted connections. Note: Red Hat Enterprise Linux (RHEL) 8 and newer are not affected by this flaw, as they do not ship the libssh2 package. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H). Weakness: CWE-824.
Multiple NetApp products incorporate Apache Netty. Apache Netty versions prior to 4.1.135.Final and 4.2.0 prior to 4.2.15.Final are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Apache Netty. Apache Netty versions prior to 4.1.133.Final and 4.2.0 prior to 4.2.13.Final are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). <br><br> OnCommand Insight:<br> Affected only by CVE-2026-41417. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Denial of Service via missing host header in specific logging configurations. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476.
Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation. Red Hat rates this important (CVSS 7.5). Weakness: CWE-444.
Denial of Service via specially crafted zstd payload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Denial of Service via deeply nested JSON objects. Red Hat rates this important (CVSS 7.5). Weakness: CWE-776.
Arbitrary file write and information disclosure via symlink validation bypass. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22.
Information disclosure via malicious container image environment variables. Red Hat rates this important (CVSS 7.5). Weakness: CWE-914. Red Hat lists fixing advisory RHSA-2026:37123 with package podman-7:5.8.2-4.el10_2, podman-6:5.8.2-4.el9_8, podman-main-6.0.0-1.hum1, container-tools:rhel8-8100020260709093628.afee755d. Affected products named by the advisory: Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 9.
Unsafe URI and Path Handling in HTML Backend. Red Hat rates this important (CVSS 7.1). Weakness: CWE-22.
Information disclosure vulnerability in model quantization engine. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825.
Kerberos pre-authentication bypass via unrecognized PA-DATA. Red Hat rates this important (CVSS 7.3). Weakness: CWE-358.
DisableTLS migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces. Red Hat rates this moderate (CVSS 8.5). Weakness: CWE-306.
Authentication bypass due to TLS hostname handling and unicode dot separator mismatch. Red Hat rates this important (CVSS 7.7). Weakness: CWE-289. Red Hat lists fixing advisory RHSA-2026:39246 with package nodejs20-main-20.20.2-1.hum1, nodejs22-main-22.23.1-1.hum1, nodejs24-main-24.18.0-0.1.hum1, nodejs26-main-26.4.0-1.2.hum1. Affected product named by the advisory: Red Hat Enterprise Linux 1.
Denial of Service via large input to subtle.encrypt(). Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:39246 with package nodejs20-main-20.20.2-1.hum1, nodejs22-main-22.23.1-1.hum1, nodejs24-main-24.18.0-0.1.hum1, nodejs26-main-26.4.0-1.2.hum1. Affected product named by the advisory: Red Hat Enterprise Linux 1.
Clean up DMABUFs before disabling function. Red Hat rates this important (CVSS 7). Weakness: CWE-826.
Fix drm_dev_put called before stream disable in close. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
fix off-by-one in dlm_match_regions() region comparison. Red Hat rates this important (CVSS 7.1). Weakness: CWE-125.