VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Denial of Service via crafted Markdown input. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333.
Denial of Service via crafted nested query strings. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Remote Code Execution via Unsafe Deserialization in gRPC Registry Server. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502.
Arbitrary code execution outside sandbox. Red Hat rates this important (CVSS 8.5). Weakness: CWE-917.
Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attackers able to provide such scripts to invoke arbitrary constructors and bypass the sandbox protection. By exploiting a failure to properly intercept implicit type casts in typed for-each loops, an attacker can invoke arbitrary constructors, potentially leading to arbitrary code execution within the Jenkins environment. Red Hat rates this as an Important vulnerability in the Jenkins Script Security Plugin. The scope is unchanged (S:U) because the sandbox and the Jenkins controller share the same security authority — a sandbox escape executes code in the same context rather than crossing a trust boundary to a separate system. Red Hat severity: Important — CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Weakness: CWE-1287. Affected Red Hat products: OpenShift Developer Tools and Services. Red Hat does not currently list a fixing RHSA for this CVE.
purge outqueue on stale COOKIE-ECHO handling. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
fix missing zerocopy reference in pskb_carve helpers. Red Hat rates this important (CVSS 7.8). Weakness: CWE-911.
fix UAF with retry loop. Red Hat rates this important (CVSS 7). Weakness: CWE-825.
handle empty bo and UAF races. Red Hat rates this important (CVSS 7). Weakness: CWE-476.
Fix WARN_ON in __iommu_group_set_domain_nofail() due to reset. Red Hat rates this important (CVSS 7). Weakness: CWE-825.
Reject wrapped offset in kvm_reset_dirty_gfn(). Red Hat rates this important (CVSS 7). Weakness: CWE-190.
af_alg - Cap AEAD AD length to 0x80000000. Red Hat rates this important (CVSS 7). Weakness: CWE-190.
Drop CLONE_THREAD requirement for private default hash alloc. Red Hat rates this important (CVSS 7). Weakness: CWE-825.
Fix error cleanup in xe_exec_queue_create_ioctl(). Red Hat rates this important (CVSS 7). Weakness: CWE-825.
avoid double drm_exec_fini() in userq validate. Red Hat rates this important (CVSS 7). Weakness: CWE-1341.
propagate nvmet_tcp_build_pdu_iovec() errors to its callers. Red Hat rates this important (CVSS 7). Weakness: CWE-390.
fix race between file release and pressure write. Red Hat rates this important (CVSS 7). Weakness: CWE-367.
fix double-free in tipc_buf_append(). Red Hat rates this important (CVSS 7). Weakness: CWE-763.
use kfree_rcu to release ops. Red Hat rates this important (CVSS 7). Weakness: CWE-763.
remove sprintf usage. Red Hat rates this important (CVSS 7). Weakness: CWE-787.