Redhat

Enterprise Linux

1851 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Medienbericht
  • EPSS 1.07%
  • Veröffentlicht 30.03.2026 08:16:18
  • Zuletzt bearbeitet 10.06.2026 18:17:13

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buff...

Exploit
  • EPSS 0.25%
  • Veröffentlicht 30.03.2026 05:35:57
  • Zuletzt bearbeitet 09.06.2026 10:16:44

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can ...

  • EPSS 0.68%
  • Veröffentlicht 27.03.2026 16:13:05
  • Zuletzt bearbeitet 10.06.2026 22:16:56

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can...

  • EPSS 0.7%
  • Veröffentlicht 27.03.2026 16:13:03
  • Zuletzt bearbeitet 29.06.2026 10:16:31

A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exp...

  • EPSS 0.12%
  • Veröffentlicht 27.03.2026 05:30:23
  • Zuletzt bearbeitet 15.05.2026 19:17:04

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime f...

  • EPSS 0.16%
  • Veröffentlicht 26.03.2026 20:06:33
  • Zuletzt bearbeitet 19.05.2026 14:16:33

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to ...

  • EPSS 0.22%
  • Veröffentlicht 26.03.2026 20:06:30
  • Zuletzt bearbeitet 19.05.2026 14:16:36

A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtrackin...

  • EPSS 0.44%
  • Veröffentlicht 26.03.2026 20:06:29
  • Zuletzt bearbeitet 19.05.2026 14:16:38

A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to re...

  • EPSS 0.41%
  • Veröffentlicht 26.03.2026 20:06:28
  • Zuletzt bearbeitet 19.05.2026 14:16:32

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them unde...

  • EPSS 0.58%
  • Veröffentlicht 26.03.2026 20:06:28
  • Zuletzt bearbeitet 19.05.2026 14:16:36

A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface)...