Found 204 results in 50ms · Match type: Filtered list

CVE | Severity | CVSS | Risk | Flags | OS / Vendor | Published | Description
CVE-2026-9795 | high | 7.3 | 7.3 | | redhat | 7d ago | A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, in…
CVE-2026-9793 | high | 7.5 | 7.5 | | redhat | 7d ago | A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing …
CVE-2026-9704 | high | 8.8 | 8.8 | | redhat | 8d ago | A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …
CVE-2026-48864 | high | 7.8 | 7.8 | | debian, sles, rhel, opensuse, redhat | 8d ago | A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker ca…
CVE-2026-9087 | high | 8.1 | 8.1 | | redhat | 14d ago | A flaw was found in Keycloak. The cross-session verification proof is keyed only by (local userId, idpAlias) and is not bound to the upstream identity that was actually verified, so a second upstream…
CVE-2026-9064 | high | 7.5 | 7.5 | | debian, sles, rhel, redhat | 15d ago | A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a…
CVE-2026-7571 | high | 7.1 | 7.1 | | redhat | 16d ago | A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clie…
CVE-2026-7507 | high | 7.5 | 7.5 | | redhat | 16d ago | A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated attacker could exploit this flaw by pre-creating an authentication session and tricking a victim i…
CVE-2026-7504 | high | 8.1 | 8.1 | | redhat | 16d ago | A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentiall…
CVE-2026-7307 | high | 7.5 | 7.5 | | redhat | 16d ago | A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high …
CVE-2026-0966 | high | 8.2 | 8.2 | FIX | rhel, debian, sles, libssh, redhat | 16d ago | Moderate: libssh security update
CVE-2026-42010 | high | 7.1 | 7.1 | FIX | debian, sles, rhel, gnu, redhat | 28d ago | RHSA-2026:20612: gnutls security update (Important)
CVE-2026-35092 | high | 7.5 | 7.5 | FIX | rhel, debian, sles, corosync, redhat | 1mo ago | A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) pac…
CVE-2026-35091 | high | 8.2 | 8.2 | FIX | rhel, debian, sles, corosync, redhat | 1mo ago | A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User…
CVE-2026-31431 | high | 7.8 | 10.0 | KEV, EXP, FIX | rhel, arch, sles, redhat, suse, arista | 1mo ago | Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
CVE-2026-33845 | high | 7.5 | 7.5 | FIX | debian, sles, rhel, gnu, redhat | 1mo ago | RHSA-2026:20612: gnutls security update (Important)
CVE-2026-4775 | high | 7.8 | 7.8 | FIX | rhel, sles, rocky, libtiff, redhat | 1mo ago | RHSA-2026:20585: compat-libtiff3 security update (Important)
CVE-2026-6732 | high | 7.5 | 7.5 | | debian, sles, rhel, xmlsoft, redhat, google | 1mo ago | A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An att…
CVE-2026-6859 | high | 8.8 | 8.8 | | redhat | 1mo ago | InstructLab Includes Functionality from Untrusted Control Sphere
CVE-2026-6855 | high | 7.1 | 7.1 | | redhat | 1mo ago | InstructLab vulnerable to Path Traversal
CVE-2026-6848 | high | 8.1 | 8.1 | | redhat | 1mo ago | A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be…
CVE-2026-6846 | high | 7.8 | 7.8 | | debian, sles, rhel, gnu, redhat | 1mo ago | A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker c…
CVE-2026-5121 | high | 7.5 | 7.5 | FIX | rhel, debian, sles, libarchive, redhat | 2mo ago | Important: libarchive security update
CVE-2026-1584 | high | 7.5 | 7.5 | FIX | debian, sles, gnu, redhat | 2mo ago | A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value duri…
CVE-2026-4878 | high | 7.0 | 7.0 | FIX | rhel, debian, sles, libcap_project, redhat, google | 2mo ago | A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to…
CVE-2026-32590 | high | 7.1 | 7.1 | | redhat | 2mo ago | A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow …
CVE-2026-32589 | high | 7.4 | 7.4 | | redhat | 2mo ago | A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users…
CVE-2025-14821 | high | 7.0 | 7.0 | FIX | debian, libssh, redhat | 2mo ago | A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a si…
CVE-2026-4740 | high | 8.2 | 8.2 | | redhat | 2mo ago | A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed c…
CVE-2026-5165 | high | 7.8 | 7.8 | | rhel, redhat | 2mo ago | A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. …
CVE-2025-12805 | high | 8.1 | 8.1 | | redhat | 2mo ago | A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, …
CVE-2026-4424 | high | 7.5 | 7.5 | FIX | rhel, debian, sles, libarchive, redhat | 3mo ago | Important: libarchive security update
CVE-2025-13601 | high | 7.7 | 7.7 | FIX | rocky, rhel, debian, redhat, gnome | 4mo ago | A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of u…
CVE-2025-32988 | high | 8.2 | 8.2 | FIX | rhel, rocky, debian, gnu, redhat | 9mo ago | RHSA-2025:17415: gnutls security, bug fix, and enhancement update (Moderate)
CVE-2025-7365 | high | 7.1 | 7.1 | | redhat | 11mo ago | Keycloak phishing attack via email verification step in first login flow
CVE-2025-7424 | high | 7.5 | 7.5 | FIX | debian, sles, rhel, xmlsoft, redhat | 11mo ago | A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allow…
CVE-2025-6021 | high | 7.5 | 7.5 | FIX | rhel, arch, rocky, xmlsoft, redhat | 11mo ago | RHSA-2025:10698: libxml2 security update (Important)
CVE-2025-5372 | high | 8.8 | 8.8 | FIX | rocky, debian, sles, libssh, redhat | 11mo ago | RHSA-2025:21977: libssh security update (Moderate)
CVE-2025-23368 | high | 8.1 | 8.1 | | redhat | 1y ago | Wildfly Elytron integration susceptible to brute force attacks via CLI
CVE-2024-6387 | high | 8.1 | 9.1 | EXP, FIX | rhel, arch, sles, openbsd, redhat, netapp | 2y ago | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote a…
CVE-2023-50781 | high | 7.5 | 7.5 | FIX | sles, debian, rhel, redhat, m2crypto_project | 2y ago | m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657
CVE-2023-44487 | high | 7.5 | 10.0 | KEV, EXP, FIX | rocky, rhel, debian, siemens, ietf, nghttp2 | 3y ago | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-4911 | high | 7.8 | 10.0 | KEV, EXP, FIX | rhel, rocky, sles, gnu, redhat, netapp | 3y ago | GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileg…
CVE-2011-0720 | high | 7.5 | | | plone, redhat | 4y ago | Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and…
CVE-2014-3498 | high | 8.8 | 8.8 | FIX | debian, redhat | 4y ago | The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands.
CVE-2016-3072 | high | 8.8 | 8.8 | | rhel, katello, redhat | 4y ago | Katello SQL Injection vulnerabilities
CVE-2022-0492 | high | 7.8 | 10.0 | KEV, EXP, FIX | sles, rocky, debian, redhat, netapp | 4y ago | Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.
CVE-2021-4104 | high | 7.5 | 7.5 | FIX | debian, sles, rocky, apache, redhat, oracle | 5y ago | RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2018-17958 | high | 7.5 | 7.5 | FIX | sles, debian, ubuntu, qemu, redhat | 8y ago | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
CVE-2014-0120 | high | 8.8 | 8.8 | | hawt, redhat | 9y ago | Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf se…
CVE-2017-1000407 | high | 7.4 | 7.4 | FIX | sles, arch, debian, redhat | 9y ago | The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
CVE-2017-1000410 | high | 7.5 | 7.5 | FIX | arch, sles, debian, redhat | 9y ago | The Linux kernel version 3.3-rc1 and later is affected by a vulnerability that lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of…
CVE-2017-15114 | high | 8.1 | 8.1 | | redhat | 9y ago | When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authenticati…
CVE-2016-8610 | high | 7.5 | 7.5 | FIX | sles, rhel, debian, openssl, redhat, netapp | 9y ago | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote…
CVE-2017-15087 | high | 7.5 | 7.5 | FIX | rhel, debian, redhat | 9y ago | It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
CVE-2017-15086 | high | 7.4 | 7.4 | FIX | rhel, debian, redhat | 9y ago | It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
CVE-2017-1000256 | high | 8.1 | 8.1 | FIX | debian, redhat | 9y ago | libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
CVE-2017-12160 | high | 7.2 | 7.2 | | redhat | 9y ago | Keycloak Oauth Implementation Error
CVE-2017-12159 | high | 7.5 | 7.5 | | rhel, redhat, keycloak | 9y ago | Keycloak CSRF Vulnerability
CVE-2017-12613 | high | 7.1 | 7.1 | FIX | debian, sles, arch, apache, redhat | 9y ago | When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting t…
CVE-2017-10388 | high | 7.5 | 7.5 | FIX | sles, debian, rhel, oracle, redhat, netapp | 9y ago | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u…
CVE-2017-10309 | high | 7.1 | 8.1 | EXP, FIX | sles, rhel, debian, oracle, redhat, netapp | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthentic…
CVE-2014-7851 | high | 7.5 | 7.5 | | ovirt, redhat | 9y ago | oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that us…
CVE-2014-8170 | high | 8.8 | 8.8 | | ovirt, redhat | 9y ago | ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, …
CVE-2015-5184 | high | 7.5 | 7.5 | | redhat | 9y ago | Console: CORS headers set to allow all in Red Hat AMQ.
CVE-2015-5183 | high | 7.5 | 7.5 | | redhat | 9y ago | Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
CVE-2015-5182 | high | 8.8 | 8.8 | | redhat | 9y ago | Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
CVE-2017-1002151 | high | 7.5 | 7.5 | FIX | debian, redhat | 9y ago | Pagure 3.3.0 and earlier is vulnerable to loss of confidentiality due to improper authorization
CVE-2017-7561 | high | 7.5 | 7.5 | FIX | debian, redhat | 9y ago | Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP
CVE-2017-11610 | high | 8.8 | 9.8 | EXP, FIX | debian, fedora, supervisord, redhat | 9y ago | The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC req…
CVE-2016-6796 | high | 7.5 | 7.5 | | sles, debian, rhel, apache, netapp, oracle | 9y ago | Apache Tomcat vulnerable to SecurityManager bypass
CVE-2016-6797 | high | 7.5 | 7.5 | | sles, debian, rhel, apache, oracle, netapp | 9y ago | Incorrect Authorization in Apache Tomcat
CVE-2017-10116 | high | 8.3 | 8.3 | FIX | sles, debian, rhel, oracle, phoenixcontact, redhat | 9y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedde…
CVE-2017-10115 | high | 7.5 | 7.5 | FIX | debian, rhel, oracle, phoenixcontact, redhat | 9y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u…
CVE-2017-10078 | high | 8.1 | 8.1 | FIX | sles, debian, rhel, oracle, redhat, phoenixcontact | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged at…
CVE-2017-10067 | high | 7.5 | 7.5 | FIX | sles, debian, rhel, oracle, redhat, netapp | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows …
CVE-2017-10664 | high | 7.5 | 7.5 | FIX | sles, rhel, debian, qemu, redhat | 9y ago | qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
CVE-2016-8743 | high | 7.5 | 7.5 | FIX | debian, sles, rhel, apache, netapp, redhat | 9y ago | Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors repres…
CVE-2017-7980 | high | 7.8 | 7.8 | FIX | sles, rhel, ubuntu, qemu, redhat | 9y ago | Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vec…
CVE-2015-3198 | high | 7.5 | 7.5 | | redhat | 9y ago | The Undertow module of WildFly allows source code disclosure
CVE-2016-4996 | high | 7.0 | 7.0 | | rhel, redhat | 9y ago | discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local u…
CVE-2016-7062 | high | 7.8 | 7.8 | | redhat | 9y ago | rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext.
CVE-2015-1795 | high | 7.8 | 7.8 | FIX | debian, rhel, redhat | 9y ago | Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root.
CVE-2015-3315 | high | 7.8 | 8.8 | EXP | rhel, redhat | 9y ago | Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp…
CVE-2015-3215 | high | 7.5 | 7.5 | | redhat | 9y ago | The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for th…
CVE-2017-1000376 | high | 7.0 | 7.0 | FIX | sles, arch, debian, redhat, libffi_project, oracle | 9y ago | libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was…
CVE-2016-4471 | high | 8.8 | 8.8 | | redhat | 9y ago | ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code.
CVE-2016-4457 | high | 7.5 | 7.5 | | redhat | 9y ago | CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.
CVE-2015-6240 | high | 7.8 | 7.8 | FIX | debian, redhat | 9y ago | The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
CVE-2017-8309 | high | 7.5 | 7.5 | FIX | sles, debian, qemu, redhat | 9y ago | Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
CVE-2016-9842 | high | 8.8 | 8.8 | FIX | sles, debian, ubuntu, zlib, oracle, redhat | 9y ago | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9840 | high | 8.8 | 8.8 | FIX | sles, rocky, debian, boost, zlib, oracle | 9y ago | RHSA-2025:8395: rsync security update (Low)
CVE-2017-3512 | high | 8.3 | 8.3 | FIX | sles, debian, oracle, redhat | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthentica…
CVE-2016-5401 | high | 8.8 | 8.8 | | redhat | 9y ago | Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web pag…
CVE-2016-5409 | high | 7.5 | 7.5 | | redhat | 9y ago | Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information …
CVE-2016-4970 | high | 7.5 | 7.5 | FIX | debian, netty, redhat, apache | 9y ago | Loop with Unreachable Exit Condition in Netty
CVE-2016-4459 | high | 7.5 | 7.5 | | rhel, redhat | 9y ago | Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
CVE-2016-10165 | high | 7.1 | 7.1 | FIX | sles, debian, rhel, littlecms, redhat, netapp | 10y ago | The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which …
CVE-2016-7065 | high | 8.8 | 9.8 | EXP | redhat | 10y ago | The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted seriali…
CVE-2016-6325 | high | 7.8 | 7.8 | | rhel, apache, redhat | 10y ago | The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which all…
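The listing carries two scores per row (the CVSS base score and a separate Risk score that is raised when a CVE is in CISA's KEV catalogue or has a public exploit, e.g. CVE-2026-31431 and CVE-2023-44487 sit at 10.0 on a 7.8 and 7.5 base) plus KEV/EXP/FIX flags. The script below is an added example, not part of this page or of any vendor's tooling: it parses a few rows copied from the listing (descriptions shortened by hand, pipe-separated, and embedded as a constructed sample) and orders them the way a patch-triage meeting would: exploited-in-the-wild first, then public-exploit, then by Risk score, and flags the exploited entries that still have no FIX as needing a compensating control rather than a patch. The meaning given to the flags (KEV = in CISA KEV, EXP = public exploit, FIX = vendor fix available) is an assumption taken from the filter labels on the page.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: six rows from the listing above in the layout
# "CVE | Severity | CVSS | Risk | Flags | OS / Vendor | Published | Description".
# Descriptions are shortened; everything else is as shown on the page.
SAMPLE_ROWS = """\
CVE | Severity | CVSS | Risk | Flags | OS / Vendor | Published | Description
CVE-2026-9704 | high | 8.8 | 8.8 | | redhat | 8d ago | Keycloak: oversized subject_token JWT sent to the TokenEndpoint
CVE-2011-0720 | high | 7.5 | | | plone, redhat | 4y ago | Plone 2.5 through 4.0 unspecified vulnerability (admin access)
CVE-2023-44487 | high | 7.5 | 10.0 | KEV, EXP, FIX | rocky, rhel, debian, siemens, ietf, nghttp2 | 3y ago | HTTP/2 request cancellation resets many streams quickly
CVE-2015-3315 | high | 7.8 | 8.8 | EXP | rhel, redhat | 9y ago | ABRT symlink attack on /var/tmp/abrt/*/maps
CVE-2024-6387 | high | 8.1 | 9.1 | EXP, FIX | rhel, arch, sles, openbsd, redhat, netapp | 2y ago | OpenSSH sshd signal handler race (regression of CVE-2006-5051)
CVE-2026-31431 | high | 7.8 | 10.0 | KEV, EXP, FIX | rhel, arch, sles, redhat, suse, arista | 1mo ago | Linux kernel incorrect resource transfer between spheres
"""


@dataclass(frozen=True)
class Row:
    cve: str
    severity: str
    cvss: Optional[float]   # CVSS base score; may be absent (CVE-2011-0720)
    risk: Optional[float]   # listing's contextual Risk score; may be absent
    flags: frozenset        # subset of {"KEV", "EXP", "FIX"}
    platforms: Tuple[str, ...]
    published: str
    summary: str


def _num(cell: str) -> Optional[float]:
    cell = cell.strip()
    return float(cell) if cell else None


def _tokens(cell: str) -> Tuple[str, ...]:
    return tuple(t.strip() for t in cell.split(",") if t.strip())


def parse_rows(text: str) -> List[Row]:
    """Parse pipe-separated rows; the header and blank lines are skipped.
    The description is the 8th field and may itself contain '|'."""
    rows = []
    for line in text.splitlines():
        parts = [p.strip() for p in line.split("|", 7)]
        if len(parts) != 8 or not parts[0].startswith("CVE-"):
            continue
        rows.append(Row(cve=parts[0], severity=parts[1], cvss=_num(parts[2]),
                        risk=_num(parts[3]), flags=frozenset(_tokens(parts[4])),
                        platforms=_tokens(parts[5]), published=parts[6],
                        summary=parts[7]))
    return rows


def priority_key(row: Row) -> tuple:
    """Exploited in the wild (KEV) beats public exploit (EXP) beats score.
    Risk is used when present, CVSS as fallback; CVSS breaks ties."""
    score = row.risk if row.risk is not None else (row.cvss or 0.0)
    return ("KEV" in row.flags, "EXP" in row.flags, score, row.cvss or 0.0)


def triage(rows: List[Row]) -> List[str]:
    """CVE ids in the order they should be worked, most urgent first."""
    return [r.cve for r in sorted(rows, key=priority_key, reverse=True)]


def needs_compensating_control(row: Row) -> bool:
    """Exploited (KEV or EXP) but no FIX flag: there is nothing to patch yet,
    so a configuration change or network restriction has to cover the gap."""
    return bool(row.flags & {"KEV", "EXP"}) and "FIX" not in row.flags


def report(rows: List[Row]) -> str:
    lines = []
    for r in sorted(rows, key=priority_key, reverse=True):
        uplift = ""
        if r.risk is not None and r.cvss is not None:
            uplift = f" (risk {r.risk - r.cvss:+.1f} over CVSS {r.cvss})"
        tag = " MITIGATE" if needs_compensating_control(r) else ""
        flags = ",".join(sorted(r.flags)) or "-"
        lines.append(f"{r.cve} [{flags}]{uplift}{tag}: {r.summary}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(parse_rows(SAMPLE_ROWS)))
```

On the sample the two KEV entries come out first (CVE-2026-31431 ahead of CVE-2023-44487 on the CVSS tie-break), then the two EXP entries, and CVE-2015-3315 is tagged MITIGATE because the listing shows a public exploit but no FIX flag. A row with an empty Risk cell falls back to its CVSS score rather than being dropped.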
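Three of the console findings above are configuration weaknesses rather than memory bugs: CVE-2015-5183 and CVE-2016-5409 (session cookies, including the GEARID cookie, set without HttpOnly and Secure) and CVE-2015-5184 (CORS headers set to allow all). The checker below is an added example, not code from Red Hat or from the products listed: it parses a raw HTTP response head with the standard library and reports those two weakness classes. The response samples are constructed; only the cookie name GEARID comes from the listing, the values, hostnames and other headers are invented. It also covers the CORS shape that is actually dangerous in browsers (a reflected Origin combined with Access-Control-Allow-Credentials: true), since a bare wildcard cannot be used for credentialed reads.

```python
from email.parser import Parser
from typing import List, Optional

# Constructed: a console response with the weak settings described above.
VULNERABLE = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: GEARID=abc123; Path=/
Set-Cookie: JSESSIONID=deadbeef; Path=/; Secure
Access-Control-Allow-Origin: *
"""

# Constructed: the same response with the attributes set and CORS pinned to
# one origin (Vary: Origin keeps caches from serving it to other origins).
HARDENED = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: GEARID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax
Set-Cookie: JSESSIONID=deadbeef; Path=/; Secure; HttpOnly; SameSite=Lax
Access-Control-Allow-Origin: https://console.example.com
Vary: Origin
"""

# Constructed: a server that echoes the request's Origin and allows
# credentials, which lets an attacker page read authenticated responses.
REFLECTING = """\
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://attacker.example
Access-Control-Allow-Credentials: true
"""


def parse_headers(raw: str):
    """Return an email.message.Message over the header block of a raw HTTP
    response; repeated headers such as Set-Cookie are kept via get_all()."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.splitlines()
    if lines and lines[0].startswith("HTTP/"):
        lines = lines[1:]  # drop the status line, it is not a header
    return Parser().parsestr("\n".join(lines) + "\n", headersonly=True)


def cookie_findings(set_cookie: str) -> List[str]:
    """Attribute names after the first ';' are case-insensitive per RFC 6265."""
    name = set_cookie.split("=", 1)[0].strip()
    attrs = {a.strip().split("=", 1)[0].lower() for a in set_cookie.split(";")[1:]}
    out = []
    if "httponly" not in attrs:
        out.append(f"cookie {name}: missing HttpOnly (readable by injected script)")
    if "secure" not in attrs:
        out.append(f"cookie {name}: missing Secure (sent over plain HTTP)")
    return out


def cors_findings(msg, request_origin: Optional[str]) -> List[str]:
    acao = (msg.get("Access-Control-Allow-Origin") or "").strip()
    creds = (msg.get("Access-Control-Allow-Credentials") or "").strip().lower() == "true"
    out = []
    if acao == "*":
        out.append("CORS: Access-Control-Allow-Origin is * (any origin may read responses)")
    if creds and request_origin and acao == request_origin:
        out.append("CORS: request Origin reflected with credentials "
                   "(authenticated cross-origin reads)")
    return out


def audit(raw: str, request_origin: Optional[str] = None) -> List[str]:
    """request_origin is the Origin header the tester sent, if any; it is
    needed to recognise reflection, which a single response cannot reveal."""
    msg = parse_headers(raw)
    findings: List[str] = []
    for sc in msg.get_all("Set-Cookie") or []:
        findings.extend(cookie_findings(sc))
    findings.extend(cors_findings(msg, request_origin))
    return findings


if __name__ == "__main__":
    for label, raw in (("vulnerable", VULNERABLE), ("hardened", HARDENED)):
        print(label, audit(raw))
    print("reflecting", audit(REFLECTING, request_origin="https://attacker.example"))
```

The vulnerable sample yields four findings (both attributes missing on GEARID, HttpOnly missing on JSESSIONID, wildcard CORS), the hardened one none. The reflection check only fires when the caller says which Origin it sent, because a reflected and a legitimately allow-listed origin look identical in a single response.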