Red Hat Vulnerabilities

1513 results
Vexday Analysis

With 1,477 CVEs catalogued and 232 appearing in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The active exploitation rate is below the catalogue's overall average, with only 1 CVE confirmed in CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2026-13434 | MEDIUM | Virt-controller-rhel9: kubevirt: kubevirt: multus default-network annotation injection via unvalidated tenant networkname when externalnetresourceinjection is enabled | EPSS 0.2%
CVE-2026-9073 | MEDIUM | Foreman-mcp-server: mcp server: insecure sensitive http header sanitization | EPSS 0.2%
CVE-2025-3931 | HIGH | Yggdrasil: local privilege escalation in yggdrasil | EPSS 0.2%
CVE-2023-4066 | MEDIUM | Operator: passwords defined in secrets shown in statefulset yaml | EPSS 0.2%
CVE-2026-42014 | MEDIUM | Gnutls: gnutls: use-after-free in gnutls_pkcs11_token_set_pin | EPSS 0.1%
CVE-2025-13327 | MEDIUM | Uv: uv: specially crafted zip archives lead to arbitrary code execution due to parsing differentials | EPSS 0.1%
CVE-2026-1784 | HIGH | Ose-cluster-ingress-operator: remote code execution through haproxy configuration injection | EPSS 0.1%
CVE-2026-6383 | MEDIUM | Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation | EPSS 0.1%
CVE-2025-4057 | MEDIUM | Activemq-artemis-operator: amq broker operator starting credentials reuse | EPSS 0.1%
CVE-2025-6199 | LOW | Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder | EPSS 0.1%
CVE-2026-50264 | HIGH | Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds heap write in dri2 drigetbuffers/drigetbufferswithformat | EPSS 0.1%
CVE-2025-8860 | LOW | Qemu-kvm: uefi-vars: information disclosure vulnerability in uefi_vars_write callback | EPSS 0.1%
CVE-2025-57847 | MEDIUM | Ansible-automation-platform: privilege escalation via excessive group writable /etc/passwd permissions | EPSS 0.1%
CVE-2025-57852 | MEDIUM | Openshift-ai: privilege escalation via excessive /etc/passwd permissions | EPSS 0.1%
CVE-2026-35094 | LOW | Libinput: libinput: information disclosure via dangling pointer in lua plugin handling | EPSS 0.1%
CVE-2025-58713 | MEDIUM | Rhpam: privilege escalation via excessive /etc/passwd permissions | EPSS 0.1%
CVE-2025-57854 | MEDIUM | Osus-operator: privilege escalation via excessive /etc/passwd permissions | EPSS 0.1%
CVE-2026-0665 | MEDIUM | Qemu-kvm: heap off-by-one in kvm xen physdevop_map_pirq | EPSS 0.1%
CVE-2025-2157 | LOW | Foreman: disclosure of executed commands and outputs in foreman / red hat satellite | EPSS 0.1%
CVE-2026-4105 | MEDIUM | Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method | EPSS 0.1%