Vulnerabilities in Red Hat

1,512 results
Vexday analysis

With 1,477 catalogued CVEs and 232 that appeared in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The rate of active exploitation is below the catalogue-wide average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2024-56827 | MEDIUM | Openjpeg: heap buffer overflow in lib/openjp2/j2k.c | EPSS 0.2%
CVE-2026-12912 | HIGH | Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image | EPSS 0.2%
CVE-2026-46579 | HIGH | Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend | EPSS 0.2%
CVE-2023-3863 | MEDIUM | Use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c | EPSS 0.2%
CVE-2026-4366 | MEDIUM | Keycloak-services: blind server-side request forgery (ssrf) via http redirect handling in keycloak | EPSS 0.2%
CVE-2024-1312 | MEDIUM | Kernel: race condition leads to use after free during vma lock in lock_vma_under_rcu | EPSS 0.2%
CVE-2024-5891 | MEDIUM | Quay: unauthorized user may authenticate via oauth application token | EPSS 0.2%
CVE-2024-0217 | LOW | Packagekitd: use-after-free in idle function callback | EPSS 0.2%
CVE-2026-53702 | MEDIUM | Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser | EPSS 0.2%
CVE-2025-5198 | MEDIUM | Stackrox: xss in stackrox | EPSS 0.2%
CVE-2026-37980 | MEDIUM | Org.keycloak.forms.login: keycloak: keycloak: arbitrary code execution via stored cross-site scripting (xss) in organization selection login page | EPSS 0.2%
CVE-2024-11029 | MEDIUM | Freeipa: administrative user data leaked through systemd journal | EPSS 0.2%
CVE-2025-6242 | HIGH | Vllm: server side request forgery (ssrf) in mediaconnector | EPSS 0.2%
CVE-2025-7365 | HIGH | Keycloak: phishing attack via email verification step in first login flow | EPSS 0.2%
CVE-2026-12528 | MEDIUM | 389-ds-base: 389-ds-base: heap-buffer-overflows in __aclp__normalize_acltxt() | EPSS 0.2%
CVE-2026-42965 | HIGH | Openshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation | EPSS 0.2%
CVE-2024-1141 | MEDIUM | Glance-store: glance store access key logged in debug log level | EPSS 0.2%
CVE-2026-1940 | MEDIUM | Gstreamer: incomplete fix of cve-2026-1940 | EPSS 0.2%
CVE-2025-4437 | MEDIUM | Cri-o: large /etc/passwd file may lead to denial of service | EPSS 0.2%
CVE-2023-6531 | HIGH | Kernel: gc's deletion of an skb races with unix_stream_read_generic() leading to uaf | EPSS 0.2%