Vulnerabilities in Red Hat

1,513 results
Vexday analysis

With 1,477 CVEs catalogued and 232 that appeared in just the last 90 days, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The rate of active exploitation is below the catalogue's overall average, with only 1 CVE confirmed in CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a public proof of concept available, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE | Severity | Title | EPSS
CVE-2025-9640 | MEDIUM | Samba: vfs_streams_xattr uninitialized memory write possible | 0.4%
CVE-2022-3205 | MEDIUM | Controller: cross site scripting in automation controller ui | 0.4%
CVE-2023-39194 | LOW | Kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match() | 0.4%
CVE-2023-39198 | HIGH | Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create() | 0.4%
CVE-2026-2369 | MEDIUM | Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources | 0.4%
CVE-2026-0989 | LOW | Libxml2: unbounded relaxng include recursion leading to stack overflow | 0.4%
CVE-2025-6052 | LOW | Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring | 0.4%
CVE-2026-9086 | HIGH | Keycloak: keycloak: cross-site scripting (xss) via case-insensitive uri validation bypass | 0.4%
CVE-2023-39193 | MEDIUM | Kernel: netfilter: xtables sctp out-of-bounds read in match_flags() | 0.4%
CVE-2026-7507 | HIGH | Org.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeover | 0.4%
CVE-2026-58015 | MEDIUM | Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive | 0.4%
CVE-2026-6859 | HIGH | Instructlab: instructlab: arbitrary code execution due to hardcoded `trust_remote_code=true` | 0.4%
CVE-2026-9803 | MEDIUM | Keycloak: keycloak: denial of service via malformed authorization header | 0.4%
CVE-2025-4478 | MEDIUM | Gnome-remote-desktop: freerdp: unauthenticated rdp packet causes segfault in freerdp leading to denial of service | 0.4%
CVE-2025-3360 | LOW | Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601(). | 0.4%
CVE-2025-12105 | HIGH | Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion | 0.4%
CVE-2024-3296 | MEDIUM | Rust-openssl: timing based side-channel can lead to a bleichenbacher style attack | 0.4%
CVE-2023-39189 | MEDIUM | Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one() | 0.4%
CVE-2023-47039 | HIGH | Perl: perl for windows binary hijacking vulnerability | 0.4%
CVE-2024-7128 | MEDIUM | Openshift-console: unauthenticated data exposure | 0.4%