Vulnerabilities in Red Hat

1,518 results
Vexday analysis

With 1,477 CVEs catalogued and 232 of them published in the last 90 days alone, the volume of vulnerabilities associated with Red Hat calls for continuous monitoring. The rate of active exploitation is below the catalogue-wide average: only 1 CVE is confirmed in the CISA KEV, CVE-2023-4911, which carries an EPSS score of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical bar for exploitation and raises operational risk. The most frequent weakness type is CWE-125 (out-of-bounds read), a pattern that typically leads to information disclosure or memory-safety faults and should guide hardening reviews and patch prioritization.
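To make the prioritization described above concrete, the following is an added Python example (not code from Vexday or Red Hat) that ranks a feed of CVE records by KEV membership first, then EPSS, then public PoC availability, then vendor severity, and assigns each a response tier. The feed records, the tier thresholds, the placeholder identifier EXAMPLE-CRITICAL-WITH-POC and the severity/PoC flags on CVE-2023-4911 are assumptions made for the example; the 0.2% EPSS values are those shown in the listing on this page.

```python
"""Triage ranking for a vendor CVE feed (added example, not Vexday's or Red Hat's code).

Ordering rule: confirmed exploitation (CISA KEV) beats predicted exploitation
(EPSS), which beats exploit availability (public PoC), which beats static
vendor severity. Tier thresholds below are illustrative, not a standard.
"""
from dataclasses import dataclass

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1}


@dataclass(frozen=True)
class Cve:
    cve_id: str
    severity: str           # vendor rating: CRITICAL / HIGH / MEDIUM / LOW
    epss: float             # EPSS probability in [0, 1]
    in_kev: bool = False    # listed in CISA Known Exploited Vulnerabilities
    public_poc: bool = False


def parse_epss(text: str) -> float:
    """Convert the listing's 'EPSS 0.2%' / '0.2%' / '0.7861' forms to a probability."""
    value = text.strip().removeprefix("EPSS").strip()
    if value.endswith("%"):
        return float(value[:-1]) / 100.0
    return float(value)


def severity_rank(c: Cve) -> int:
    return SEVERITY_RANK.get(c.severity.upper(), 0)


def triage_key(c: Cve) -> tuple:
    """Sort key; higher tuples are worked first."""
    return (c.in_kev, c.epss, c.public_poc, severity_rank(c))


def rank(cves) -> list:
    # sorted() is stable, so records with identical keys keep feed order
    return sorted(cves, key=triage_key, reverse=True)


# Assumed tier policy:
#   P0  in KEV: exploitation confirmed in the wild
#   P1  EPSS >= 10%, or CRITICAL/HIGH with a public PoC
#   P2  CRITICAL/HIGH without PoC, or any severity with a PoC
#   P3  everything else
def tier(c: Cve) -> str:
    high = severity_rank(c) >= SEVERITY_RANK["HIGH"]
    if c.in_kev:
        return "P0"
    if c.epss >= 0.10 or (high and c.public_poc):
        return "P1"
    if high or c.public_poc:
        return "P2"
    return "P3"


# Constructed feed: the KEV entry from the analysis plus entries from the listing.
# Severity, in_kev and public_poc on CVE-2023-4911 are assumed for the example;
# EXAMPLE-CRITICAL-WITH-POC is a placeholder, not a real identifier.
FEED = [
    Cve("CVE-2023-4065", "MEDIUM", parse_epss("EPSS 0.2%")),
    Cve("CVE-2026-12912", "HIGH", parse_epss("0.2%")),
    Cve("CVE-2023-4911", "HIGH", 0.7861, in_kev=True, public_poc=True),
    Cve("CVE-2024-0217", "LOW", parse_epss("0.2%")),
    Cve("CVE-2026-46579", "HIGH", parse_epss("0.2%")),
    Cve("EXAMPLE-CRITICAL-WITH-POC", "CRITICAL", parse_epss("0.2%"), public_poc=True),
]


def triage_report(cves=FEED) -> list[tuple[str, str]]:
    """Return (cve_id, tier) pairs in the order a responder should work them."""
    return [(c.cve_id, tier(c)) for c in rank(cves)]


if __name__ == "__main__":
    for cve_id, t in triage_report():
        print(f"{t}  {cve_id}")
```

The sort key is a tuple, so a single KEV entry with a modest EPSS still outranks a critical with a PoC; that is deliberate, since confirmed exploitation is stronger evidence than any prediction. Treat the 10% EPSS cutoff as a starting point to calibrate against your own incident history.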

CVE ID | Severity | Title | EPSS
CVE-2023-4065 | MEDIUM | Operator: plaintext password in operator log | 0.2%
CVE-2023-5088 | MEDIUM | Qemu: improper ide controller reset can lead to mbr overwrite | 0.2%
CVE-2024-8939 | MEDIUM | Vllm: denials of service in vllm json web api | 0.2%
CVE-2024-45777 | MEDIUM | Grub2: grub-core/gettext: integer overflow leads to heap oob write | 0.2%
CVE-2026-10533 | MEDIUM | Openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation | 0.2%
CVE-2026-12912 | HIGH | Libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image | 0.2%
CVE-2024-56827 | MEDIUM | Openjpeg: heap buffer overflow in lib/openjp2/j2k.c | 0.2%
CVE-2026-46579 | HIGH | Openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend | 0.2%
CVE-2023-3863 | MEDIUM | Use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c | 0.2%
CVE-2026-53702 | MEDIUM | Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser | 0.2%
CVE-2026-4366 | MEDIUM | Keycloak-services: blind server-side request forgery (ssrf) via http redirect handling in keycloak | 0.2%
CVE-2024-1312 | MEDIUM | Kernel: race condition leads to use after free during vma lock in lock_vma_under_rcu | 0.2%
CVE-2024-5891 | MEDIUM | Quay: unauthorized user may authenticate via oauth application token | 0.2%
CVE-2024-0217 | LOW | Packagekitd: use-after-free in idle function callback | 0.2%
CVE-2025-5198 | MEDIUM | Stackrox: xss in stackrox | 0.2%
CVE-2026-37980 | MEDIUM | Org.keycloak.forms.login: keycloak: arbitrary code execution via stored cross-site scripting (xss) in organization selection login page | 0.2%
CVE-2026-12528 | MEDIUM | 389-ds-base: heap-buffer-overflows in __aclp__normalize_acltxt() | 0.2%
CVE-2025-6242 | HIGH | Vllm: server side request forgery (ssrf) in mediaconnector | 0.2%
CVE-2026-42965 | HIGH | Openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation | 0.2%
CVE-2025-7365 | HIGH | Keycloak: phishing attack via email verification step in first login flow | 0.2%