Vulnerabilities in RED HAT

1,504 results
CVE-2025-32912 | MEDIUM | Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication | EPSS 0.4%
CVE-2026-9150 | MEDIUM | Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums | EPSS 0.4%
CVE-2025-32910 | MEDIUM | Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication | EPSS 0.4%
CVE-2025-1125 | HIGH | Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write | EPSS 0.4%
CVE-2020-1698 | MEDIUM | A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. | EPSS 0.4%
CVE-2025-7039 | LOW | Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() | EPSS 0.4%
CVE-2025-47712 | MEDIUM | Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service | EPSS 0.4%
CVE-2026-11807 | CRITICAL | Eda-server: websocket missing authorization allows credential theft via activation_id spoofing | EPSS 0.4%
CVE-2026-37981 | MEDIUM | Keycloak: org.keycloak.authorization: keycloak: information disclosure via broken access control in user lookup endpoint | EPSS 0.4%
CVE-2026-5419 | LOW | Gnutls: gnutls: information disclosure via timing side-channel in pkcs#7 padding removal | EPSS 0.4%
CVE-2026-1190 | LOW | Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata | EPSS 0.4%
CVE-2025-3910 | MEDIUM | Org.keycloak.authentication: two factor authentication bypass | EPSS 0.4%
CVE-2022-4900 | MEDIUM | Potential buffer overflow in php_cli_server_startup_workers | EPSS 0.4%
CVE-2026-37979 | MEDIUM | Keycloak: keycloak: information disclosure via oidc token introspection endpoint audience bypass | EPSS 0.4%
CVE-2025-1057 | MEDIUM | Keylime: keylime registrar dos due to incompatible database entry handling | EPSS 0.4%
CVE-2017-2663 | HIGH | It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and c | EPSS 0.4%
CVE-2025-7784 | MEDIUM | Org.keycloak/keycloak-services: privilege escalation in keycloak admin console (fgapv2 enabled) | EPSS 0.4%
CVE-2023-43788 | MEDIUM | Libxpm: out of bounds read in xpmcreatexpmimagefrombuffer() | EPSS 0.4%
CVE-2025-13881 | LOW | Org.keycloak.services.resources.admin: keycloak: limited administrator can retrieve sensitive user attributes via admin api | EPSS 0.4%
CVE-2024-2494 | MEDIUM | Libvirt: negative g_new0 length can lead to unbounded memory allocation | EPSS 0.4%