Redhat

Hardened Images

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.73%
  • Veröffentlicht 26.05.2026 21:29:20
  • Zuletzt bearbeitet 09.07.2026 07:16:24

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerabil...

Exploit
  • EPSS 0.21%
  • Veröffentlicht 26.05.2026 16:16:07
  • Zuletzt bearbeitet 09.07.2026 16:16:41

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, ...

  • EPSS 0.29%
  • Veröffentlicht 20.05.2026 23:34:56
  • Zuletzt bearbeitet 27.06.2026 00:16:49

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a ...

  • EPSS 0.4%
  • Veröffentlicht 20.05.2026 23:16:36
  • Zuletzt bearbeitet 29.06.2026 17:16:30

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA51...

Medienbericht
  • EPSS 1.34%
  • Veröffentlicht 18.05.2026 12:44:45
  • Zuletzt bearbeitet 08.07.2026 13:16:42

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle...

  • EPSS 0.48%
  • Veröffentlicht 07.05.2026 13:51:04
  • Zuletzt bearbeitet 30.06.2026 03:19:30

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical ...

Medienbericht
  • EPSS 1.05%
  • Veröffentlicht 07.05.2026 12:16:17
  • Zuletzt bearbeitet 08.07.2026 13:16:42

A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted...

Medienbericht
  • EPSS 1.26%
  • Veröffentlicht 04.05.2026 09:08:51
  • Zuletzt bearbeitet 07.07.2026 12:16:38

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without vali...

Medienbericht
  • EPSS 0.81%
  • Veröffentlicht 30.04.2026 17:41:34
  • Zuletzt bearbeitet 07.07.2026 12:16:37

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause inform...

Exploit
  • EPSS 0.72%
  • Veröffentlicht 30.04.2026 17:41:28
  • Zuletzt bearbeitet 24.06.2026 17:16:58

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP...