Vulnerabilities in Red Hat

1,492 results
Vexday analysis

With 1,477 CVEs catalogued and 232 appearing in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The active exploitation rate is below the catalogue's overall average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2023-4456 | MEDIUM | Openshift-logging: lokistack authorisation is cached too broadly | EPSS 0.5%
CVE-2023-1832 | MEDIUM | Improper authorization check in the server component | EPSS 0.5%
CVE-2026-2239 | LOW | Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow | EPSS 0.5%
CVE-2017-7513 | MEDIUM | It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host | EPSS 0.5%
CVE-2020-25720 | HIGH | Samba: check attribute access rights for ldap adds of computers | EPSS 0.5%
CVE-2025-49520 | HIGH | Event-driven-ansible: authenticated argument injection in git url in eda project creation | EPSS 0.5%
CVE-2026-52720 | HIGH | Gstreamer1-plugins-bad-free: gstreamer: heap buffer overflow via crafted vnc server rectangle in librfb | EPSS 0.5%
CVE-2025-32051 | MEDIUM | Libsoup: segmentation fault when parsing malformed data uri | EPSS 0.5%
CVE-2026-6507 | HIGH | Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing | EPSS 0.5%
CVE-2025-62229 | HIGH | Xorg: xmayland: use-after-free in xpresentnotify structure creation | EPSS 0.5%
CVE-2023-1636 | MEDIUM | Incomplete container isolation | EPSS 0.5%
CVE-2026-5483 | HIGH | Odh-dashboard: odh dashboard kubernetes service account exposure | EPSS 0.5%
CVE-2024-12582 | HIGH | Skupper: skupper-cli: flawed authentication method may lead to arbitrary file read or denial of service | EPSS 0.5%
CVE-2023-4956 | MEDIUM | Quay: clickjacking on config-editor page severity | EPSS 0.5%
CVE-2025-46421 | MEDIUM | Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server | EPSS 0.5%
CVE-2026-9801 | MEDIUM | Keycloak: keycloak: denial of service via malformed ldap password policy response | EPSS 0.5%
CVE-2025-49795 | HIGH | Libxml: null pointer dereference leads to denial of service (dos) | EPSS 0.5%
CVE-2026-42011 | HIGH | Gnutls: gnutls: security bypass due to incorrect name constraint handling | EPSS 0.5%
CVE-2025-26597 | HIGH | Xorg: xwayland: buffer overflow in xkbchangetypesofkey() | EPSS 0.5%
CVE-2026-3121 | MEDIUM | Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission | EPSS 0.5%