Vulnerabilities in Red Hat

1,504 results
Vexday analysis

With 1,477 CVEs catalogued and 232 that emerged in the last 90 days alone, the volume of vulnerabilities associated with Red Hat requires continuous monitoring. The rate of active exploitation is below the catalogue's overall average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2019-14826 | MEDIUM | A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this | EPSS 0.3%
CVE-2026-11789 | MEDIUM | 389-ds-base: SMD5 password storage plugin salt length integer underflow crash | EPSS 0.3%
CVE-2026-11793 | MEDIUM | 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing | EPSS 0.3%
CVE-2024-12225 | CRITICAL | io.quarkus:quarkus-security-webauthn: Quarkus WebAuthn unexpected authentication bypass | EPSS 0.3%
CVE-2024-4467 | HIGH | qemu-kvm: 'qemu-img info' leads to host file read/write | EPSS 0.3%
CVE-2026-3009 | HIGH | org.keycloak/keycloak-services: improper enforcement of disabled identity provider in IdentityBrokerService (authentication bypass) | EPSS 0.3%
CVE-2026-3911 | LOW | org.keycloak.services.resources.admin.UserResource: Keycloak: information disclosure of disabled user attributes via administrative endpoint | EPSS 0.3%
CVE-2026-3234 | MEDIUM | mod_proxy_cluster: response body corruption via CRLF injection | EPSS 0.3%
CVE-2025-60019 | LOW | glib-networking: uninitialized memory dereferences in glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based() | EPSS 0.3%
CVE-2025-2842 | MEDIUM | tempo-operator: Tempo Operator token exposure leads to reading sensitive data | EPSS 0.3%
CVE-2026-9794 | MEDIUM | Keycloak: information disclosure via SAML ECP endpoint | EPSS 0.3%
CVE-2024-49393 | MEDIUM | mutt / neomutt: To and Cc email header fields are not protected by cryptographic signing | EPSS 0.3%
CVE-2026-40919 | MEDIUM | GIMP: denial of service via specially crafted Seattle FilmWorks file | EPSS 0.3%
CVE-2023-4042 | MEDIUM | Ghostscript: incomplete fix for CVE-2020-16305 | EPSS 0.3%
CVE-2023-6693 | MEDIUM | QEMU: virtio-net: stack buffer overflow in virtio_net_flush_tx() | EPSS 0.3%
CVE-2026-2733 | LOW | org.keycloak/keycloak-services: Keycloak: missing check on disabled client for Docker registry protocol | EPSS 0.3%
CVE-2024-49394 | MEDIUM | mutt / neomutt: In-Reply-To email header field is not protected by cryptographic signing | EPSS 0.3%
CVE-2026-11577 | HIGH | Keycloak: privilege escalation via PartialImport FGAP permission bypass | EPSS 0.3%
CVE-2023-6236 | HIGH | EAP: OIDC app attempting to access the second tenant, the user should be prompted to log | EPSS 0.3%
CVE-2024-2905 | MEDIUM | rpm-ostree: world-readable /etc/shadow file | EPSS 0.3%