Vulnerabilities in RED HAT
1,478 results

CVE-2024-1485 | HIGH | Registry-support: decompress can delete files outside scope via relative paths | EPSS 0.9%
CVE-2019-19336 | MEDIUM | A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL parameters we | EPSS 0.9%
CVE-2023-0923 | HIGH | Odh-notebook-controller-container: missing authorization allows for file contents disclosure | EPSS 0.9%
CVE-2024-10451 | MEDIUM | Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process | EPSS 0.9%
CVE-2017-15125 | MEDIUM | A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HT | EPSS 0.9%
CVE-2023-7250 | MEDIUM | Iperf3: possible denial of service | EPSS 0.9%
CVE-2024-7557 | HIGH | Odh-dashboard: odh-model-controller: cross-model authentication bypass in openshift ai | EPSS 0.9%
CVE-2024-0406 | MEDIUM | Mholt/archiver: path traversal vulnerability | EPSS 0.9%
CVE-2024-11734 | MEDIUM | Org.keycloak:keycloak-quarkus-server: denial of service in keycloak server via security headers | EPSS 0.9%
CVE-2019-3873 | MEDIUM | It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XM | EPSS 0.9%
CVE-2017-2589 | HIGH | It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies ar | EPSS 0.9%
CVE-2023-40660 | MEDIUM | Opensc: potential pin bypass when card tracks its own login state | EPSS 0.9%
CVE-2024-6237 | MEDIUM | 389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request | EPSS 0.9%
CVE-2023-5871 | MEDIUM | Libnbd: malicious nbd server may crash libnbd | EPSS 0.9%
CVE-2013-0186 | — | Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspe | EPSS 0.9%
CVE-2023-6134 | MEDIUM | Keycloak: reflected xss via wildcard in oidc redirect_uri | EPSS 0.9%
CVE-2012-5626 | — | EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Por | EPSS 0.9%
CVE-2025-2240 | HIGH | Smallrye-fault-tolerance: smallrye fault tolerance | EPSS 0.9%
CVE-2020-1758 | MEDIUM | A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using t | EPSS 0.9%
CVE-2026-2340 | MEDIUM | Samba: vfs_worm does not block directory modification | EPSS 0.9%