Vulnerabilities in RED HAT
1,478 results

CVE-2023-7216 | MEDIUM | Cpio: extraction allows symlinks which enables remote command execution | EPSS 0.9%
CVE-2018-10884 | HIGH | Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker c | EPSS 0.9%
CVE-2024-9632 | HIGH | Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability | EPSS 0.9%
CVE-2024-45496 | CRITICAL | Openshift-controller-manager: elevated build pods can lead to node compromise in openshift | EPSS 0.9%
CVE-2024-1139 | HIGH | Cluster-monitoring-operator: credentials leak | EPSS 0.9%
CVE-2023-5236 | MEDIUM | Infinispan: circular reference on marshalling leads to dos | EPSS 0.9%
CVE-2026-12398 | HIGH | Galaxy_ng: shell injection in legacy role import via unsanitized git ref names | EPSS 0.9%
CVE-2023-6681 | MEDIUM | Jwcrypto: denial of service via specifically crafted jwe | EPSS 0.9%
CVE-2026-4424 | HIGH | Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing | EPSS 0.9%
CVE-2019-10207 | MEDIUM | A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attack | EPSS 0.9%
CVE-2024-0914 | MEDIUM | Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin) | EPSS 0.9%
CVE-2026-6324 | MEDIUM | Libsoup: libsoup: http request smuggling via unsigned to signed conversion error | EPSS 0.9%
CVE-2019-3889 | MEDIUM | A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterpris | EPSS 0.9%
CVE-2026-5367 | HIGH | Ovn: ovn: information disclosure via crafted dhcpv6 packets | EPSS 0.9%
CVE-2026-35091 | HIGH | Corosync: corosync: denial of service and information disclosure via crafted udp packet | EPSS 0.9%
CVE-2023-5557 | HIGH | Tracker-miners: sandbox escape | EPSS 0.9%
CVE-2023-5115 | MEDIUM | Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files | EPSS 0.9%
CVE-2023-6476 | MEDIUM | Cri-o: pods are able to break out of resource confinement on cgroupv2 | EPSS 0.9%
CVE-2023-0813 | HIGH | Network-observability-console-plugin-container: setting loki authtoken configuration to disable or host mode leads to authentication longer being enforced | EPSS 0.9%
CVE-2020-1741 | MEDIUM | A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origin | EPSS 0.9%