Large scale security vulnerabilities like the ones below receive special attention from Red Hat Product Security. In order to create the best experience possible for our customers during these critical moments, a specialized vulnerability page is created within the Red Hat Product Security Center which aggregates information, diagnostic tools, and updates in one easy-to-use interface. This list is a catalog of these pages.

A full list of all CVEs affecting Red Hat Products can be found in our CVE Database.

Browse Red Hat CVES
Alias / CVE Impact Status Public Datesort descending
Heartbleed vulnerability
Important
Resolved 07 Apr 2014
OpenSSL CCS Injection Vulnerability (CVE-2014-0224) Alert
Important
Resolved 05 Jun 2014
Shellshock vulnerability
Critical
Resolved 24 Sep 2014
Ghost vulnerability
Critical
Resolved 27 Jan 2015
Apache commons-collections: Remote code execution during deserialisation (CVE 2015-7501)
Critical
Resolved 06 Nov 2015
Use after free vulnerability in Linux kernel keychain management (CVE-2016-0728)
Important
Resolved 19 Jan 2016
glibc stack-based buffer overflow in getaddrinfo (CVE-2015-7547)
Critical
Resolved 16 Feb 2016
DROWN - Cross-protocol attack on TLS using SSLv2 (CVE-2016-0800)
Important
Resolved 01 Mar 2016
Badlock Security flaw in Samba - CVE-2016-2118
Important
Resolved 12 Apr 2016
ImageTragick - ImageMagick Filtering Vulnerability - CVE-2016-3714
Important
Resolved 03 May 2016
Director - Default root password set in Overcloud images - CVE-2016-4474
Important
Resolved 13 Jun 2016
Shared challenge ack vulnerability - CVE-2016-5696
Important
Resolved 12 Jul 2016
HTTPoxy - CGI "HTTP_PROXY" variable name clash
Important
Resolved 18 Jul 2016
systemd - Denial of Service Vulnerability
Moderate
Resolved 28 Sep 2016
Kernel Local Privilege Escalation "Dirty COW" - CVE-2016-5195
Important
Resolved 19 Oct 2016
Use-after-free in the IPv6 implementation of the DCCP protocol in the Linux kernel - CVE-2017-6074
Important
Resolved 22 Feb 2017
Local kernel privilege escalation in the HDLC TTY line discipline implementation - CVE-2017-2636
Important
Resolved 07 Mar 2017
openstack-glance API v1 copy_from() has SSRF flaw - CVE-2017-7200
Moderate
Resolved 15 Mar 2017
Samba - Loading shared modules from any path in the system leading to Remote Code Execution. - CVE-2017-7494
Important
Resolved 24 May 2017
sudo: Privilege escalation via improper get_process_ttyname() parsing
Important
Resolved 30 May 2017

Pages