Vulnerabilities in Red Hat

1,512 results
Vexday analysis

With 1,477 catalogued CVEs, 232 of which appeared in the last 90 days alone, the volume of vulnerabilities associated with Red Hat calls for continuous monitoring. The rate of active exploitation is below the catalog-wide average: only 1 CVE is confirmed in CISA KEV, CVE-2023-4911 (the glibc ld.so GLIBC_TUNABLES buffer overflow), which carries an EPSS score of 0.7861, i.e. an estimated 78.6% probability of exploitation in the wild within the next 30 days, and so deserves first call on response teams' attention. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and raises operational risk. The most frequent weakness type is CWE-125 (out-of-bounds read), a pattern that typically yields memory disclosure or crashes (and, in parsers, is often the first symptom of a bug that can be turned into a write) and should guide hardening reviews and patch prioritization.

CVE ID | Severity | Title | EPSS
CVE-2025-12110 | MEDIUM | Keycloak: org.keycloak:keycloak-services: user can refresh offline session even after client's offline_access scope was removed | 0.3%
CVE-2019-10205 | MEDIUM | A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker able to perform database queries in the Red | 0.3%
CVE-2024-1151 | MEDIUM | Kernel: stack overflow problem in open vswitch kernel module leading to dos | 0.3%
CVE-2024-8775 | MEDIUM | Ansible-core: exposure of sensitive information in ansible vault files due to improper logging | 0.3%
CVE-2025-0678 | HIGH | Grub2: squash4: integer overflow may lead to heap based out-of-bounds write when reading data | 0.3%
CVE-2024-1048 | LOW | Grub2: grub2-set-bootflag can be abused by local (pseudo-)users | 0.3%
CVE-2025-6920 | MEDIUM | Ai-inference-server: authentication bypass via unprotected inference endpoint in api | 0.3%
CVE-2024-10973 | MEDIUM | Keycloak: cli option for encrypted jgroups ignored | 0.3%
CVE-2026-11792 | LOW | 389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string) | 0.3%
CVE-2026-9792 | MEDIUM | Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition | 0.3%
CVE-2024-6126 | LOW | Cockpit: authenticated user can kill any process when enabling pam_env's user_readenv option | 0.3%
CVE-2023-42752 | MEDIUM | Kernel: integer overflow in igmpv3_newpack leading to exploitable memory access | 0.3%
CVE-2022-4318 | HIGH | Cri-o: /etc/passwd tampering privesc | 0.3%
CVE-2024-10041 | MEDIUM | Pam: libpam: libpam vulnerable to read hashed password | 0.3%
CVE-2024-45778 | MEDIUM | Grub2: fs/bfs: integer overflow in the bfs parser. | 0.3%
CVE-2026-12891 | MEDIUM | Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.266/vvc vui parameter parser | 0.3%
CVE-2026-34001 | HIGH | Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption | 0.3%
CVE-2010-3282 | | 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is e | 0.3%
CVE-2026-6848 | MEDIUM | Quay: red hat quay: authentication bypass allows privileged actions without valid credentials | 0.3%
CVE-2024-45780 | MEDIUM | Grub2: fs/tar: integer overflow causes heap oob write | 0.3%
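The analysis above describes a triage order (CISA KEV first, then EPSS, then public PoC and severity), and the listing arrives as one run-together string of ID, severity label, title and "EPSS n%". The following Python is an added example, not code from Vexday or Red Hat: it parses that flattened listing format, handles the entry on this page whose title starts with digits and has no severity label (CVE-2010-3282, which a naive regex would read as CVE-2010-3282389), and ranks the result. The sample text is constructed from entries on this page; the `KEV` set and the EPSS value for CVE-2023-4911 come from the analysis text, while its severity label and the `POC_ASSUMED` set are illustrative assumptions.

```python
"""Parse a flattened Vexday-style CVE listing and rank it for patching.

Added example, not the page's or the project's own code. Tiering follows the
analysis on this page: KEV membership, then EPSS, then public PoC + severity.
"""
import re
from dataclasses import dataclass

SEVERITY_WEIGHT = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "": 0}

# One scraped entry: CVE ID, optional severity label, title, "EPSS n%",
# with no separators between the fields.
ENTRY_RE = re.compile(
    r"CVE-(?P<year>\d{4})-(?P<seq>\d{4,})"
    r"(?P<sev>CRITICAL|HIGH|MEDIUM|LOW)?"
    r"(?P<title>.*?)EPSS (?P<epss>\d+(?:\.\d+)?)%",
    re.DOTALL,  # titles may wrap across a line break in the scrape
)


@dataclass(frozen=True)
class CveEntry:
    cve_id: str
    severity: str   # label shown in the listing, "" when the page shows none
    title: str
    epss: float     # probability in [0, 1]; "0.3%" becomes 0.003


def parse_listing(text: str) -> list[CveEntry]:
    entries = []
    for m in ENTRY_RE.finditer(text):
        year, seq, title = m["year"], m["seq"], m["title"]
        # Edge case from this page: "CVE-2010-3282389 Directory Server ...".
        # With no severity label between ID and title, leading digits of the
        # title are glued onto the sequence number. CVE IDs issued before 2014
        # always had exactly four sequence digits, so split there.
        if int(year) < 2014 and len(seq) > 4:
            seq, title = seq[:4], seq[4:] + title
        entries.append(CveEntry(
            cve_id=f"CVE-{year}-{seq}",
            severity=m["sev"] or "",
            title=" ".join(title.split()),  # collapse wrapped whitespace
            epss=float(m["epss"]) / 100.0,
        ))
    return entries


def triage_key(e: CveEntry, kev: set[str], poc: set[str]) -> tuple:
    """Sort key; larger sorts earlier when ranked in reverse.

    Tier 3: confirmed exploited (CISA KEV).
    Tier 2: public PoC and CRITICAL/HIGH severity.
    Tier 1: EPSS >= 10% or any public PoC.
    Tier 0: everything else, then by EPSS, then severity.
    """
    if e.cve_id in kev:
        tier = 3
    elif e.cve_id in poc and SEVERITY_WEIGHT[e.severity] >= 3:
        tier = 2
    elif e.epss >= 0.10 or e.cve_id in poc:
        tier = 1
    else:
        tier = 0
    return (tier, e.epss, SEVERITY_WEIGHT[e.severity], e.cve_id)


def rank(entries: list[CveEntry], kev: set[str], poc: set[str]) -> list[CveEntry]:
    return sorted(entries, key=lambda e: triage_key(e, kev, poc), reverse=True)


# Constructed sample: five entries copied from this page's listing, in the
# run-together form the scrape produced (including the wrapped line).
SAMPLE_LISTING = (
    "CVE-2025-0678HIGHGrub2: squash4: integer overflow may lead to heap based "
    "out-of-bounds write when reading dataEPSS 0.3%"
    "CVE-2024-1048LOWGrub2: grub2-set-bootflag can be abused by local "
    "(pseudo-)usersEPSS 0.3%"
    "CVE-2022-4318HIGHCri-o: /etc/passwd tampering privescEPSS 0.3%"
    "CVE-2010-3282389 Directory Server before 1.2.7.1 (aka Red Hat \n"
    "Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, "
    "when audit logging is eEPSS 0.3%"
    "CVE-2026-6848MEDIUMQuay: red hat quay: authentication bypass allows "
    "privileged actions without valid credentialsEPSS 0.3%"
)

# KEV membership and EPSS 0.7861 are stated in the page's analysis; the
# severity label is an assumption (the excerpt above does not show this row).
LOONEY_TUNABLES = CveEntry(
    "CVE-2023-4911", "HIGH",
    "Glibc: buffer overflow in ld.so GLIBC_TUNABLES parsing (title not from this page)",
    0.7861,
)
KEV = {"CVE-2023-4911"}           # from the page's analysis
POC_ASSUMED = {"CVE-2022-4318"}   # illustrative assumption, not from the page


def triaged_sample() -> list[CveEntry]:
    return rank(parse_listing(SAMPLE_LISTING) + [LOONEY_TUNABLES], KEV, POC_ASSUMED)


if __name__ == "__main__":
    for e in triaged_sample():
        tier = triage_key(e, KEV, POC_ASSUMED)[0]
        print(f"tier {tier}  {e.cve_id:<15} {e.severity or '-':<7} "
              f"EPSS {e.epss:.4f}  {e.title[:60]}")
```

Running it puts CVE-2023-4911 first on KEV membership alone, then the assumed-PoC HIGH entry, then the rest by EPSS (all equal at 0.3% here) and severity; an entry with no severity label sorts last inside its tier rather than being dropped. Note that the four-digit split only rescues pre-2014 IDs; a post-2014 entry with no severity label and a digit-leading title would still need the page's own separators.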