Vulnerabilities in Red Hat

1,504 results
Vexday Analysis

With 1,477 CVEs catalogued and 232 that appeared in the last 90 days alone, the volume of vulnerabilities associated with Red Hat calls for continuous monitoring. The rate of active exploitation is below the overall average for the catalogue, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2025-11021 | HIGH | Libsoup: out-of-bounds read in cookie date handling of libsoup http library | EPSS 0.6%
CVE-2024-8509 | HIGH | Migration toolkit for virtualization: forklift-controller: empty bearer token may perform authentication | EPSS 0.6%
CVE-2026-0966 | MEDIUM | Libssh: libssh: denial of service via zero-length input in ssh_get_hexa() | EPSS 0.6%
CVE-2023-3629 | MEDIUM | Infinispan: non-admins should not be able to get cache config via rest api | EPSS 0.6%
CVE-2024-50311 | MEDIUM | Graphql: denial of service (dos) vulnerability via graphql batching | EPSS 0.6%
CVE-2025-32052 | MEDIUM | Libsoup: heap buffer overflow in sniff_unknown() | EPSS 0.6%
CVE-2024-52615 | MEDIUM | Avahi: avahi wide-area dns uses constant source port | EPSS 0.6%
CVE-2024-5953 | MEDIUM | 389-ds-base: malformed userpassword hash may cause denial of service | EPSS 0.6%
CVE-2026-7374 | CRITICAL | Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability | EPSS 0.6%
CVE-2023-5455 | MEDIUM | Ipa: invalid csrf protection | EPSS 0.6%
CVE-2025-32907 | MEDIUM | Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header | EPSS 0.6%
CVE-2025-32053 | MEDIUM | Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() | EPSS 0.6%
CVE-2024-6538 | MEDIUM | Openshift-console: openshift console: server-side request forgery | EPSS 0.6%
CVE-2024-5148 | HIGH | Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate | EPSS 0.6%
CVE-2023-1672 | MEDIUM | Race condition exists in the key generation and rotation functionality | EPSS 0.6%
CVE-2020-14330 | MEDIUM | An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content a | EPSS 0.6%
CVE-2026-3833 | MEDIUM | Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison | EPSS 0.6%
CVE-2024-2199 | MEDIUM | 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c | EPSS 0.6%
CVE-2025-0604 | MEDIUM | Keycloak-ldap-federation: authentication bypass due to missing ldap bind after password reset in keycloak | EPSS 0.6%
CVE-2025-12744 | HIGH | Abrt: command-injection in abrt leading to local privilege escalation | EPSS 0.6%