Vulnerabilities in Red Hat

1,505 results
Vexday analysis

With 1,477 catalogued CVEs, 232 of which surfaced in the last 90 days alone, the volume of vulnerabilities associated with Red Hat calls for continuous monitoring. The rate of active exploitation is below the catalogue-wide average: only one CVE is confirmed in CISA KEV, CVE-2023-4911, which carries an EPSS score of 0.7861 (EPSS is a probability of exploitation; the listing below prints the same scores as percentages), indicating a high likelihood of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and raises operational risk. The most frequent flaw type is CWE-125 (out-of-bounds read), a pattern that often enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.
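A ranking helper that applies the prioritization order the analysis above describes (KEV membership first, then high EPSS, then critical/high findings with a public PoC, then everything else), as an added example that is not Vexday's or Red Hat's code. It parses records in the shape this page's listing uses ("CVE-ID SEVERITY title EPSS n%"), joins them with a KEV set and a PoC set, and sorts the result. The KEV set holds the one entry the analysis names; the PoC set, the EPSS escalation threshold `EPSS_ESCALATE`, and the severity and title of the CVE-2023-4911 sample record are assumptions made for illustration, not statements about those CVEs.

```python
"""Added triage example (not Vexday's or Red Hat's code).

Parses listing records in the shape shown on this page and ranks them with
the heuristic the analysis paragraph describes. The enrichment sets and the
EPSS threshold below are assumptions for illustration.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# One record per line: "CVE-YYYY-NNNN SEVERITY free-text title EPSS n%"
RECORD_RE = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,}) "
    r"(?P<sev>CRITICAL|HIGH|MEDIUM|LOW) "
    r"(?P<title>.+?) "
    r"EPSS (?P<epss>\d+(?:\.\d+)?)%$"
)
SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1}

# Assumed threshold: findings at or above this EPSS probability are escalated
# even when they are not in KEV.
EPSS_ESCALATE = 0.10

# Assumed enrichment sets. KEV holds the single entry the page's analysis cites;
# the PoC set is constructed for illustration and is not a claim about those CVEs.
KEV = {"CVE-2023-4911"}
POC = {"CVE-2025-5222", "CVE-2026-9795"}

# Constructed sample: records copied from the page's listing, the KEV entry the
# analysis cites (EPSS 0.7861 is from the page; its severity and title are
# assumed here), and one line deliberately cut off before its EPSS field.
SAMPLE_LISTING = """
CVE-2025-11060 MEDIUM Surrealdb: surrealdb is vulnerable to unauthorized data exposure via live query subscriptions EPSS 0.3%
CVE-2026-12856 HIGH Vscode-java: vscode: command injection vulnerability in the javadoc hover provider of the vscode-java extension EPSS 0.3%
CVE-2025-5222 HIGH Icu: stack buffer overflow in the srbroot::addtag function EPSS 0.3%
CVE-2026-9795 HIGH Keycloak: keycloak: privilege escalation via improper scope mapping enforcement EPSS 0.3%
CVE-2026-4874 LOW Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation EPSS 0.3%
CVE-2023-4911 HIGH Glibc: KEV-listed entry cited by the page's analysis (severity and title assumed) EPSS 78.61%
CVE-2020-10782 MEDIUM An exposure of sensitive information flaw was found in Ansible
"""


@dataclass(frozen=True)
class Finding:
    cve: str
    severity: str
    title: str
    epss: float  # probability in [0, 1], not the percentage printed on the page


def parse_listing(text: str) -> tuple[list[Finding], list[str]]:
    """Return (parsed findings, lines that did not match the record shape)."""
    findings: list[Finding] = []
    rejected: list[str] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = RECORD_RE.match(line)
        if not m:
            rejected.append(line)  # e.g. a record truncated before its EPSS field
            continue
        findings.append(
            Finding(m["cve"], m["sev"], m["title"], float(m["epss"]) / 100.0)
        )
    return findings, rejected


def tier_of(f: Finding, kev: set[str], poc: set[str]) -> int:
    """1 = in KEV, 2 = EPSS above threshold, 3 = high/critical with PoC, 4 = rest."""
    if f.cve in kev:
        return 1
    if f.epss >= EPSS_ESCALATE:
        return 2
    if f.cve in poc and SEVERITY_RANK[f.severity] >= SEVERITY_RANK["HIGH"]:
        return 3
    return 4


def prioritize(findings: list[Finding], kev: set[str], poc: set[str]) -> list[tuple[int, Finding]]:
    """Order by tier, then EPSS (desc), then severity (desc), then CVE id for stability."""
    ranked = sorted(
        findings,
        key=lambda f: (tier_of(f, kev, poc), -f.epss, -SEVERITY_RANK[f.severity], f.cve),
    )
    return [(tier_of(f, kev, poc), f) for f in ranked]


if __name__ == "__main__":
    found, bad = parse_listing(SAMPLE_LISTING)
    for tier, f in prioritize(found, KEV, POC):
        print(f"tier {tier}  {f.cve:<15} {f.severity:<8} EPSS={f.epss:.4f}  {f.title[:60]}")
    for line in bad:
        print("skipped (unparseable):", line)
```

The parser rejects rather than guesses at records cut off before their EPSS field, which matters for listings like this one where several descriptions are truncated; a truncated record should be re-fetched, not scored as EPSS 0.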

CVE | Severity | Summary | EPSS
CVE-2025-11060 | MEDIUM | Surrealdb: surrealdb is vulnerable to unauthorized data exposure via live query subscriptions | EPSS 0.3%
CVE-2024-52337 | MEDIUM | Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method | EPSS 0.3%
CVE-2026-1536 | MEDIUM | Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header | EPSS 0.3%
CVE-2024-9355 | MEDIUM | Golang-fips: golang fips zeroed buffer | EPSS 0.3%
CVE-2026-12856 | HIGH | Vscode-java: vscode: command injection vulnerability in the javadoc hover provider of the vscode-java extension | EPSS 0.3%
CVE-2025-5222 | HIGH | Icu: stack buffer overflow in the srbroot::addtag function | EPSS 0.3%
CVE-2025-8415 | MEDIUM | Cryostat: authentication bypass if network policies are disabled | EPSS 0.3%
CVE-2025-1801 | HIGH | Aap-gateway: aap-gateway privilege escalation | EPSS 0.3%
CVE-2026-4874 | LOW | Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation | EPSS 0.3%
CVE-2024-49395 | MEDIUM | Mutt: neomutt: bcc email header field is indirectly leaked by cryptographic info block | EPSS 0.3%
CVE-2020-10782 | MEDIUM | An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such as tokens and other secrets could be… | EPSS 0.3%
CVE-2020-10737 | MEDIUM | A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the ho… | EPSS 0.3%
CVE-2024-45620 | LOW | Libopensc: incorrect handling of the length of buffers or files in pkcs15init | EPSS 0.3%
CVE-2022-3261 | MEDIUM | Plain-text passwords saved in /var/log/messages | EPSS 0.3%
CVE-2026-10517 | MEDIUM | Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance | EPSS 0.3%
CVE-2026-9795 | HIGH | Keycloak: keycloak: privilege escalation via improper scope mapping enforcement | EPSS 0.3%
CVE-2019-3875 | MEDIUM | A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL… | EPSS 0.3%
CVE-2026-9149 | MEDIUM | Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file | EPSS 0.3%
CVE-2025-10044 | MEDIUM | Keycloak: keycloak error_description injection on error pages | EPSS 0.3%
CVE-2019-14886 | MEDIUM | A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_securit… | EPSS 0.3%