Search Results (1768 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-1757 1 Redhat 4 Enterprise Linux, Hummingbird, Jboss Core Services and 1 more 2026-04-22 6.2 Medium
A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.
CVE-2026-0992 1 Redhat 4 Enterprise Linux, Hummingbird, Jboss Core Services and 1 more 2026-04-22 2.9 Low
A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.
CVE-2026-0990 1 Redhat 4 Enterprise Linux, Hummingbird, Jboss Core Services and 1 more 2026-04-22 5.9 Medium
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.
CVE-2026-0989 1 Redhat 4 Enterprise Linux, Hummingbird, Jboss Core Services and 1 more 2026-04-22 3.7 Low
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.
CVE-2025-27363 3 Debian, Freetype, Redhat 9 Debian Linux, Freetype, Enterprise Linux and 6 more 2026-04-22 8.1 High
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
CVE-2026-5483 1 Redhat 3 Openshift Ai, Openshift Ai 2.16, Openshift Ai 3.3 2026-04-21 8.5 High
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.
CVE-2026-4897 2 Freedesktop, Redhat 4 Polkit, Enterprise Linux, Openshift and 1 more 2026-04-21 5.5 Medium
A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the `polkit-agent-helper-1` setuid binary via standard input (stdin). This unbounded input can lead to an out-of-memory (OOM) condition, resulting in a Denial of Service (DoS) for the system.
CVE-2025-22870 1 Redhat 1 Openshift Data Foundation 2026-04-20 4.4 Medium
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
CVE-2025-7195 1 Redhat 13 Acm, Advanced Cluster Security, Apicurio Registry and 10 more 2026-04-20 6.4 Medium
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
CVE-2026-6507 1 Redhat 3 Enterprise Linux, Openshift, Openshift Container Platform 2026-04-20 7.5 High
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption, causing the dnsmasq daemon to crash and resulting in a denial of service (DoS).
CVE-2026-0665 1 Redhat 2 Enterprise Linux, Openshift 2026-04-18 6.5 Medium
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption.
CVE-2024-1139 1 Redhat 2 Acm, Openshift 2026-04-18 7.7 High
A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.
CVE-2024-9355 1 Redhat 22 Amq Streams, Ansible Automation Platform, Container Native Virtualization and 19 more 2026-04-18 6.5 Medium
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.
CVE-2024-0874 1 Redhat 3 Acm, Logging, Openshift 2026-04-18 5.3 Medium
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
CVE-2024-5037 1 Redhat 4 Logging, Openshift, Openshift Container Platform and 1 more 2026-04-18 7.5 High
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.
CVE-2026-22549 3 F5, Kubernetes, Redhat 3 Big-ip Container Ingress Services, Kubernetes, Openshift 2026-04-18 4.9 Medium
A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions to read cluster secrets.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-2243 2 Red Hat, Redhat 4 Enterprise Linux, Enterprise Linux, Openshift and 1 more 2026-04-17 5.1 Medium
A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition (DoS).
CVE-2026-6388 1 Redhat 1 Openshift Gitops 2026-04-17 9.1 Critical
A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates on applications managed by other tenants. This leads to cross-namespace privilege escalation, impacting application integrity through unauthorized application updates.
CVE-2026-6385 2 Ffmpeg, Redhat 5 Ffmpeg, Ai Inference Server, Enterprise Linux Ai and 2 more 2026-04-17 6.5 Medium
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds checks, leading to a heap out-of-bounds write. Successful exploitation can result in a denial of service (DoS) due to an application crash, and potentially lead to arbitrary code execution.
CVE-2026-6383 1 Redhat 2 Container Native Virtualization, Openshift Virtualization 2026-04-17 5.4 Medium
A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized access to subresources, potentially disclosing sensitive information or performing actions they are not permitted to do. Additionally, legitimate users may be denied access to resources.