Vulnerabilities in Red Hat

1,518 results
Vexday analysis

With 1,477 CVEs catalogued and 232 published in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The active exploitation rate is below the overall catalogue average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2022-3261 | MEDIUM | Plain-text passwords saved in /var/log/messages | EPSS 0.3%
CVE-2026-10517 | MEDIUM | Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance | EPSS 0.3%
CVE-2019-3875 | MEDIUM | A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL | EPSS 0.3%
CVE-2026-11790 | MEDIUM | 389-ds-base: 389-ds-base: pbkdf2 password storage plugin unbounded iteration count denial of service | EPSS 0.3%
CVE-2025-2843 | HIGH | Observability-operator: observability operator privilege escalation | EPSS 0.3%
CVE-2019-14886 | MEDIUM | A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_securit | EPSS 0.3%
CVE-2025-10044 | MEDIUM | Keycloak: keycloak error_description injection on error pages | EPSS 0.3%
CVE-2026-9149 | MEDIUM | Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file | EPSS 0.3%
CVE-2023-6238 | MEDIUM | Kernel: nvme: memory corruption via unprivileged user passthrough | EPSS 0.3%
CVE-2025-8283 | LOW | Netavark: podman: netavark may resolve hostnames to unexpected hosts | EPSS 0.3%
CVE-2024-45770 | MEDIUM | Pcp: pmpost symlink attack allows escalating pcp to root user | EPSS 0.3%
CVE-2024-9683 | MEDIUM | Quay: quay allows successful authentication with truncated version of the password | EPSS 0.3%
CVE-2023-3355 | MEDIUM | Null pointer dereference in submit_lookup_cmds() in drivers/gpu/drm/msm/msm_gem_submit.c | EPSS 0.3%
CVE-2025-60018 | MEDIUM | Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()" | EPSS 0.3%
CVE-2025-25208 | MEDIUM | Rhcl: authorino denial of service through authpolicy with sharedsecretref severity | EPSS 0.3%
CVE-2026-52722 | HIGH | Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling | EPSS 0.3%
CVE-2026-9099 | HIGH | Keycloak: group-admin escalation to realm-admin | EPSS 0.3%
CVE-2023-0160 | MEDIUM | Possibility of deadlock in libbpf function sock_hash_delete_elem | EPSS 0.3%
CVE-2024-52336 | HIGH | Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root | EPSS 0.3%
CVE-2024-45618 | LOW | Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init | EPSS 0.3%