Vulnerabilities in Red Hat

1512 results
Vexday Analysis

With 1,477 CVEs catalogued and 232 that emerged in the last 90 days alone, the volume of vulnerabilities associated with Red Hat requires continuous monitoring. The active exploitation rate is below the overall catalogue average, with only 1 CVE confirmed in CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2019-19351 | HIGH | An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the | EPSS 0.2%
CVE-2019-19355 | HIGH | An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access | EPSS 0.2%
CVE-2026-3442 | MEDIUM | Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker | EPSS 0.2%
CVE-2026-12706 | MEDIUM | Ffmpeg: ffmpeg: heap use-after-free read in rasc decoder decode_move() | EPSS 0.2%
CVE-2025-0577 | MEDIUM | Glibc: vdso getrandom acceleration may return predictable randomness | EPSS 0.2%
CVE-2026-12975 | HIGH | Apicurio/apicurio-registry: apicurio-registry: unhardened saxparser in content-type detection leads to blind xxe / ssrf / billion-laughs dos | EPSS 0.2%
CVE-2026-11611 | MEDIUM | 389-ds-base: 389-ds-base: content sync plugin unbounded queue growth and race conditions | EPSS 0.2%
CVE-2024-45774 | MEDIUM | Grub2: reader/jpeg: heap oob write during jpeg parsing | EPSS 0.2%
CVE-2024-12369 | MEDIUM | Elytron-oidc-client: oidc authorization code injection | EPSS 0.2%
CVE-2026-32589 | HIGH | Mirror-registry: quay: insecure direct object reference in blobupload | EPSS 0.2%
CVE-2023-39328 | MEDIUM | Openjpeg: denial of service via crafted image file | EPSS 0.2%
CVE-2025-5416 | LOW | Keycloak-core: keycloak environment information | EPSS 0.2%
CVE-2024-8235 | MEDIUM | Libvirt: crash of virtinterfaced via virconnectlistinterfaces() | EPSS 0.2%
CVE-2023-2680 | HIGH | Dma reentrancy issue (incomplete fix for cve-2021-3750) | EPSS 0.2%
CVE-2026-2092 | HIGH | Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions | EPSS 0.2%
CVE-2024-0607 | MEDIUM | Kernel: nf_tables: pointer math issue in nft_byteorder_eval() | EPSS 0.2%
CVE-2023-4237 | HIGH | Platform: ec2_key module prints out the private key directly to the standard output | EPSS 0.2%
CVE-2026-12491 | MEDIUM | Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations | EPSS 0.2%
CVE-2026-58014 | HIGH | Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list" | EPSS 0.2%
CVE-2025-5988 | MEDIUM | Aap-gateway: csrf origin checking is disabled | EPSS 0.2%