Vulnerabilities in Red Hat

1,512 results
Vexday analysis

With 1,477 catalogued CVEs and 232 that emerged in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The rate of active exploitation is below the catalog-wide average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS score of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and raises operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2020-10744 (MEDIUM, EPSS 0.3%) - An incomplete fix was found for the fix of the flaw CVE-2020-1733; ansible: insecure temporary directory when running become_user from become
CVE-2023-4611 (HIGH, EPSS 0.3%) - Use after free race between mbind() and vma-locked page fault
CVE-2024-0562 (HIGH, EPSS 0.3%) - Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
CVE-2025-8941 (HIGH, EPSS 0.3%) - Linux-pam: incomplete fix for CVE-2025-6020
CVE-2026-5119 (MEDIUM, EPSS 0.3%) - Libsoup: information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment
CVE-2023-4389 (HIGH, EPSS 0.3%) - Kernel: btrfs: double free in btrfs_get_root_ref()
CVE-2026-1530 (HIGH, EPSS 0.3%) - Fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation
CVE-2026-37977 (LOW, EPSS 0.3%) - Keycloak: org.keycloak.protocol.oidc.grants.ciba: information disclosure via CORS header injection due to unvalidated JWT azp claim
CVE-2023-4959 (MEDIUM, EPSS 0.3%) - Quay: cross-site request forgery (CSRF) on config-editor page
CVE-2025-0685 (MEDIUM, EPSS 0.3%) - Grub2: jfs: integer overflow when handling symlinks may lead to heap-based out-of-bounds write when reading data
CVE-2025-0686 (MEDIUM, EPSS 0.3%) - Grub2: romfs: integer overflow when handling symlinks may lead to heap-based out-of-bounds write when reading data
CVE-2025-0754 (MEDIUM, EPSS 0.3%) - Envoyproxy: OpenShift Service Mesh 2.6.3 and 2.5.6 Envoy header handling allows log injection and potential spoofing
CVE-2023-3899 (HIGH, EPSS 0.3%) - Subscription-manager: inadequate authorization of com.redhat.rhsm1 D-Bus interface allows local users to modify configuration
CVE-2026-10118 (HIGH, EPSS 0.3%) - Poppler: integer overflow in SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication
CVE-2026-3429 (MEDIUM, EPSS 0.3%) - Keycloak: org.keycloak.services.resources.account: improper access control leading to MFA deletion and account takeover in Keycloak account REST API
CVE-2025-46397 (HIGH, EPSS 0.3%) - Xfig: stack overflow allows possible code execution via local input manipulation
CVE-2025-0684 (MEDIUM, EPSS 0.3%) - Grub2: reiserfs: integer overflow when handling symlinks may lead to heap-based out-of-bounds write when reading data
CVE-2023-3301 (MEDIUM, EPSS 0.3%) - Triggerable assertion due to race condition in hot-unplug
CVE-2023-6176 (MEDIUM, EPSS 0.3%) - Kernel: local DoS vulnerability in scatterwalk_copychunks
CVE-2024-6519 (HIGH, EPSS 0.3%) - QEMU: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability