VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1164 advisories across 32 monitored vendors.
Quarkus REST Worker Thread Exhaustion Vulnerability. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-772. Affected package(s): quarkus-rest. Resolved in Red Hat advisory RHSA-2026:1899 — update the affected packages (`sudo dnf update`).
Denial of Service via stack-based buffer overflow in asn1_expend_octet_string. Red Hat rates this low (CVSS 5.9). Weakness: CWE-120. Affected package(s): insights-proxy/insights-proxy-container-rhel9:1782890503, libtasn1, libtasn1-main, discovery/discovery-ui-rhel9:1782756541, discovery/discovery-server-rhel9:1782763840. Resolved in Red Hat advisory RHSA-2026:28235 — update the affected packages (`sudo dnf update`).
Public key pinning bypass via QUIC and GnuTLS allows server impersonation. Red Hat rates this moderate (CVSS 6.8). Weakness: CWE-295. Affected package(s): curl-main. Resolved in Red Hat advisory RHSA-2026:6893 — update the affected packages (`sudo dnf update`).
Information disclosure via cross-protocol redirect with OAuth2 bearer token. Red Hat rates this low (CVSS 6.5). Weakness: CWE-201. Affected package(s): curl-main. Resolved in Red Hat advisory RHSA-2026:6893 — update the affected packages (`sudo dnf update`).
Improper certificate validation due to cached TLS settings reuse. Red Hat rates this low (CVSS 6.8). Weakness: CWE-295. Affected package(s): curl-main. Resolved in Red Hat advisory RHSA-2026:6893 — update the affected packages (`sudo dnf update`).
libssh key passphrase bypass without agent set. Red Hat rates this low (CVSS 4.7). Weakness: CWE-305. Affected package(s): curl-main. Resolved in Red Hat advisory RHSA-2026:6893 — update the affected packages (`sudo dnf update`).
Keycloak Authorization Header Parsing Leading to Potential Security Control Bypass. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-551. Affected package(s): rhbk/keycloak-rhel9, rhbk/keycloak-operator-bundle:26.4.10, rhbk/keycloak-rhel9-operator:26.4, rhbk/keycloak-rhel9:26.4. Resolved in Red Hat advisory RHSA-2026:3947 — update the affected packages (`sudo dnf update`).
Denial of Service via memory exhaustion from crafted POST request. Red Hat rates this moderate (CVSS 6.8). Weakness: CWE-770. Affected package(s): ansible-automation-platform, rhaiis/vllm-cuda-rhel9:1774351144, rhoai/odh-caikit-nlp-rhel9:1780069094, rhoai/odh-vllm-gaudi-rhel9:1772093278, rhaiis/model-opt-cuda-rhel9:1774547384, rhoai/odh-vllm-cpu-rhel9:1776259063. Resolved in Red Hat advisory RHSA-2026:10184 — update the affected packages (`sudo dnf update`).
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values. This vulnerability is rated Moderate for Red Hat products because an integer overflow in GLib's GIO `escape_byte_string()` function can lead to a heap buffer overflow and denial-of-service. This occurs when processing specially crafted file or remote filesystem attribute values, requiring an attacker to provide malicious input. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-190. Affected products named by the advisory: Red Hat Enterprise Linux 10.0 Extended Update Support; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; and 16 more.
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 10.0 Extended Update Support; Red Hat Enterprise Linux 7 Extended Lifecycle Support; Red Hat Enterprise Linux 8; and 18 more. Affected products named by the advisory: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.6 Telecommunications Update Service; and 13 more.
A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster. TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster Additionally users can access all `persistentvolumeclaims` and `lmevaljobs` Affected products named by the advisory: Red Hat OpenShift AI 2.25; Red Hat OpenShift AI 3.0; Red Hat OpenShift AI (RHOAI).
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; and 5 more. Affected products named by the advisory: Red Hat Enterprise Linux 9.4 Extended Update Support; Red Hat Ceph Storage 7; Red Hat Discovery 2; Red Hat Insights proxy 1.5; and 1 more.
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.4 Extended Update Support; and 5 more. Affected products named by the advisory: Red Hat Ceph Storage 7; Red Hat Discovery 2; Red Hat Hardened Images; Red Hat Insights proxy 1.5; and 1 more.
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; and 6 more. Affected products named by the advisory: Red Hat Enterprise Linux 9.4 Extended Update Support; Red Hat Ceph Storage 7; Red Hat Discovery 2; Red Hat Hardened Images; and 2 more.
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 9; Red Hat Ceph Storage 7; Red Hat Ceph Storage 8; and 5 more. Affected products named by the advisory: Red Hat Discovery 2; Red Hat Insights proxy 1.5; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.
A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 9; Red Hat Discovery 2; Red Hat Insights proxy 1.5; and 3 more. Affected products named by the advisory: Red Hat OpenShift distributed tracing 3.10.1; Red Hat Enterprise Linux 8; Red Hat OpenShift Container Platform 4.
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8.2 Advanced Update Support; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; and 14 more. Affected products named by the advisory: Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.6 Telecommunications Update Service; Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions; and 9 more.
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. Affected products named by the advisory: Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.4 Extended Update Support; Red Hat Discovery 1.14; and 1 more. Affected products named by the advisory: Red Hat OpenShift Container Platform 4.
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition. Affected products named by the advisory: Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.4 Extended Update Support; and 3 more. Affected products named by the advisory: Red Hat Discovery 1.14; Red Hat Enterprise Linux 10; Red Hat OpenShift Container Platform 4.
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack. Affected products named by the advisory: Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; and 9 more. Affected products named by the advisory: Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.8 Telecommunications Update Service; Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; and 4 more.