Vulnerabilities in Red Hat

1,504 results
Vexday analysis

With 1,477 CVEs catalogued and 232 of them appearing in the last 90 days alone, the volume of vulnerabilities associated with Red Hat calls for continuous monitoring. The rate of active exploitation is below the catalogue's overall average, with only 1 CVE confirmed in CISA KEV: CVE-2023-4911, which has an EPSS score of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and raises operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE ID | Severity | Title | EPSS
CVE-2023-39198 | HIGH | Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create() | 0.4%
CVE-2022-3205 | MEDIUM | Controller: cross site scripting in automation controller ui | 0.4%
CVE-2025-6052 | LOW | Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring | 0.4%
CVE-2023-39193 | MEDIUM | Kernel: netfilter: xtables sctp out-of-bounds read in match_flags() | 0.4%
CVE-2023-32251 | LOW | Kernel: ksmbd brute force delay bypass via asynchronous requests | 0.4%
CVE-2026-9803 | MEDIUM | Keycloak: keycloak: denial of service via malformed authorization header | 0.4%
CVE-2025-3360 | LOW | Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601(). | 0.4%
CVE-2025-4478 | MEDIUM | Gnome-remote-desktop: freerdp: unauthenticated rdp packet causes segfault in freerdp leading to denial of service | 0.4%
CVE-2025-12105 | HIGH | Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion | 0.4%
CVE-2026-4282 | HIGH | Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw | 0.4%
CVE-2024-3296 | MEDIUM | Rust-openssl: timing based side-channel can lead to a bleichenbacher style attack | 0.4%
CVE-2023-39189 | MEDIUM | Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one() | 0.4%
CVE-2024-7128 | MEDIUM | Openshift-console: unauthenticated data exposure | 0.4%
CVE-2023-47039 | HIGH | Perl: perl for windows binary hijacking vulnerability | 0.4%
CVE-2017-2621 | MEDIUM | An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory w | 0.4%
CVE-2026-32590 | HIGH | Mirror-registry: remote code execution using pickle deserialization | 0.4%
CVE-2026-9086 | HIGH | Keycloak: keycloak: cross-site scripting (xss) via case-insensitive uri validation bypass | 0.4%
CVE-2025-6035 | MEDIUM | Gimp: gimp integer overflow | 0.4%
CVE-2023-6270 | HIGH | Kernel: aoe: improper reference count leads to use-after-free vulnerability | 0.4%
CVE-2023-40549 | MEDIUM | Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file | 0.4%