Vulnerabilities in Red Hat

1,504 results
Vexday analysis

With 1,477 catalogued CVEs and 232 that appeared in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The rate of active exploitation is below the catalogue's overall average, with only 1 CVE confirmed in the CISA KEV, CVE-2023-4911, which has an EPSS score of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE ID         | Severity | Title                                                                                                                        | EPSS
CVE-2026-6494  | MEDIUM   | Aap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized input                        | 0.3%
CVE-2023-3428  | MEDIUM   | Imagemagick: heap-buffer-overflow in coders/tiff.c                                                                           | 0.3%
CVE-2025-2786  | MEDIUM   | Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator         | 0.3%
CVE-2025-12790 | HIGH     | Rubygem-mqtt: rubygem-mqtt hostname validation                                                                               | 0.3%
CVE-2026-9087  | MEDIUM   | Keycloak: cross-session email verification proof not bound to upstream identity in first-broker-login                        | 0.3%
CVE-2026-1467  | MEDIUM   | Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured                          | 0.3%
CVE-2024-43168 | MEDIUM   | Unbound: heap-buffer-overflow in unbound                                                                                     | 0.3%
CVE-2026-9800  | HIGH     | Keycloak: keycloak policy enforcer: authorization bypass via incorrect uri comparison                                        | 0.3%
CVE-2024-8443  | LOW      | Libopensc: heap buffer overflow in openpgp driver when generating key                                                        | 0.3%
CVE-2023-6679  | MEDIUM   | Kernel: null pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c                                 | 0.3%
CVE-2025-4476  | MEDIUM   | Libsoup: null pointer dereference in libsoup may lead to denial of service                                                   | 0.3%
CVE-2024-56826 | MEDIUM   | Openjpeg: heap buffer overflow in bin/common/color.c                                                                         | 0.3%
CVE-2025-4382  | MEDIUM   | Grub2: grub allow access to encrypted device through cli once root device is unlocked via tpm                                | 0.3%
CVE-2019-19339 | MEDIUM   | It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the | 0.3%
CVE-2024-0646  | HIGH     | Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination                   | 0.3%
CVE-2026-55654 | LOW      | Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination | 0.3%
CVE-2026-0871  | MEDIUM   | Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators           | 0.3%
CVE-2026-52718 | MEDIUM   | Gstreamer1-plugins-bad-free: gstreamer: denial of service via av1 tile_list_obu parser byte/bit confusion                    | 0.3%
CVE-2023-38472 | MEDIUM   | Reachable assertion in avahi_rdata_parse                                                                                     | 0.3%
CVE-2025-13601 | HIGH     | Glib: integer overflow in g_escape_uri_string()                                                                              | 0.3%