Vulnerabilities in Red Hat

1,504 results
Vexday analysis

With 1,477 catalogued CVEs, 232 of which appeared in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The rate of active exploitation is below the overall catalogue average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS score of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most frequent weakness type is CWE-125 (out-of-bounds read), a pattern that often enables data leakage or memory corruption and should guide hardening reviews and patch prioritisation.

| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2024-9666 | MEDIUM | org.keycloak/keycloak-quarkus-server: Keycloak proxy header handling denial-of-service (DoS) vulnerability | 0.4% |
| CVE-2026-37978 | MEDIUM | Keycloak: org.keycloak.services: Keycloak: information disclosure via evaluate-scopes admin API | 0.4% |
| CVE-2024-1441 | MEDIUM | libvirt: off-by-one error in udevListInterfacesByStatus() | 0.4% |
| CVE-2023-39192 | MEDIUM | Kernel: netfilter: xtables out-of-bounds read in u32_match_it() | 0.4% |
| CVE-2025-6032 | HIGH | Podman: Podman missing TLS verification | 0.4% |
| CVE-2024-31419 | MEDIUM | CNV: information disclosure through the usage of vm-dump-metrics | 0.4% |
| CVE-2025-59088 | HIGH | python-kdcproxy: unauthenticated SSRF via realm-controlled DNS SRV | 0.4% |
| CVE-2026-0988 | LOW | GLib: GLib: denial of service via integer overflow in g_buffered_input_stream_peek() | 0.4% |
| CVE-2019-10224 | MEDIUM | A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may di | 0.4% |
| CVE-2025-0752 | HIGH | envoyproxy: OpenShift Service Mesh Envoy HTTP header sanitization bypass leading to DoS and unauthorized access | 0.4% |
| CVE-2023-40550 | MEDIUM | Shim: out-of-bounds read in verify_buffer_sbat() | 0.4% |
| CVE-2026-6266 | HIGH | aap-controller: aap-gateway: account hijacking and unauthorized access via unverified email linking | 0.4% |
| CVE-2023-40551 | MEDIUM | Shim: out-of-bounds read when parsing MZ binaries | 0.4% |
| CVE-2024-7318 | MEDIUM | keycloak-core: one-time passcode (OTP) is valid longer than expiration time | 0.4% |
| CVE-2026-8830 | MEDIUM | Keycloak: org.keycloak/keycloak-services: Keycloak: policy bypass during WebAuthn credential registration via client-side JavaScript manipulation | 0.4% |
| CVE-2024-8007 | HIGH | openstack-tripleo-common: RHOSP director disables TLS verification for registry mirrors | 0.4% |
| CVE-2024-9675 | HIGH | Buildah: Buildah allows arbitrary directory mount | 0.4% |
| CVE-2025-6020 | HIGH | Linux-PAM: Linux-PAM directory traversal | 0.4% |
| CVE-2024-7383 | HIGH | libnbd: NBD server improper certificate validation | 0.4% |
| CVE-2023-3347 | MEDIUM | Samba: SMB2 packet signing is not enforced when "server signing = required" is set | 0.4% |