Redhat

Hardened Images

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.35%
  • Veröffentlicht 30.06.2026 07:16:32
  • Zuletzt bearbeitet 30.06.2026 18:16:44

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of ano...

  • EPSS 0.11%
  • Veröffentlicht 29.06.2026 18:44:24
  • Zuletzt bearbeitet 08.07.2026 03:34:36

A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRA...

  • EPSS 0.11%
  • Veröffentlicht 29.06.2026 08:06:09
  • Zuletzt bearbeitet 08.07.2026 03:37:21

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent par...

Exploit
  • EPSS 0.37%
  • Veröffentlicht 23.06.2026 03:37:00
  • Zuletzt bearbeitet 08.07.2026 14:17:14

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators...

  • EPSS 0.09%
  • Veröffentlicht 23.06.2026 03:36:25
  • Zuletzt bearbeitet 08.07.2026 14:17:14

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-...

Exploit
  • EPSS 0.24%
  • Veröffentlicht 23.06.2026 03:36:22
  • Zuletzt bearbeitet 08.07.2026 14:17:14

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path. This occurs during FIPS (Federal Information Processing Standards) mode known-group validation when...

  • EPSS 0.41%
  • Veröffentlicht 19.06.2026 16:28:33
  • Zuletzt bearbeitet 08.07.2026 09:16:31

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC (Scalable Video Coding) layer ID control allows an attacker to supply crafted video frame pixel...

  • EPSS 0.25%
  • Veröffentlicht 19.06.2026 16:28:33
  • Zuletzt bearbeitet 08.07.2026 09:16:30

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding the configured numb...

  • EPSS 0.27%
  • Veröffentlicht 19.06.2026 16:28:26
  • Zuletzt bearbeitet 08.07.2026 09:16:30

An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows an attacker to inject an arbitrary pointer into the cycli...

  • EPSS 0.28%
  • Veröffentlicht 19.06.2026 16:28:26
  • Zuletzt bearbeitet 08.07.2026 09:16:30

A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing (LAP) mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when g_lag_in_fram...