Vulnerabilidades em RED HAT
1.485 resultadosCVE-2019-3845HIGHA lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before EPSS 0.7%CVE-2020-10727—A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plainEPSS 0.7%CVE-2024-4369MEDIUMCluster-image-registry-operator: exposes a secret via env variable in pod definition on azureEPSS 0.7%CVE-2023-7090MEDIUMSudo: improper handling of ipa_hostname leads to privilege mismanagementEPSS 0.7%CVE-2019-14866MEDIUMIn all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR arcEPSS 0.7%CVE-2026-26157HIGHBusybox: busybox: arbitrary file overwrite and potential code execution via incomplete path sanitizationEPSS 0.7%CVE-2024-52616MEDIUMAvahi: avahi wide-area dns predictable transaction idsEPSS 0.7%CVE-2019-3891MEDIUMIt was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the CanEPSS 0.7%CVE-2023-2593MEDIUMKernel: ksmbd memory exhaustion denial-of-service vulnerabilityEPSS 0.7%CVE-2026-28369HIGHUndertow: undertow: request smuggling via malformed http request headersEPSS 0.7%CVE-2024-8768HIGHVllm: a completions api request with an empty prompt will crash the vllm api server.EPSS 0.7%CVE-2023-5349MEDIUMDraw while calling getdrawinfo()EPSS 0.7%CVE-2025-0690MEDIUMGrub2: read: integer overflow may lead to out-of-bounds writeEPSS 0.7%CVE-2023-3971HIGHController: html injection in custom login infoEPSS 0.7%CVE-2025-2784HIGHLibsoup: heap buffer over-read in `skip_insignificant_space` when sniffing contentEPSS 0.7%CVE-2025-49794CRITICALLibxml: heap use after free (uaf) leads to denial of service (dos)EPSS 0.7%CVE-2019-3876MEDIUMA flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to EPSS 0.7%CVE-2026-42015MEDIUMGnutls: gnutls: memory corruption due to off-by-one error in pkcs#12 bag handlingEPSS 0.7%CVE-2026-5260HIGHGnutls: gnutls: information disclosure via heap overread in rsa key exchangeEPSS 0.7%CVE-2024-2698HIGHFreeipa: delegation rules allow a proxy service to impersonate any user to access another target serviceEPSS 0.7%