Vulnerabilidades en RED HAT

1519 resultados
CVE-2023-2680HIGHDma reentrancy issue (incomplete fix for cve-2021-3750)EPSS 0.2%CVE-2026-4629MEDIUMKeycloak: keycloak: privilege escalation through hardcoded role mapper injectionEPSS 0.2%CVE-2023-4237HIGHPlatform: ec2_key module prints out the private key directly to the standard outputEPSS 0.2%CVE-2026-12491MEDIUMVllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectationsEPSS 0.2%CVE-2024-0607MEDIUMKernel: nf_tables: pointer math issue in nft_byteorder_eval()EPSS 0.2%CVE-2025-5988MEDIUMAap-gateway: csrf origin checking is disabledEPSS 0.2%CVE-2026-1539MEDIUMLibsoup: libsoup: credential leakage via http redirectsEPSS 0.2%CVE-2023-3773MEDIUMKernel: xfrm: out-of-bounds read of xfrma_mtimer_thresh nlattrEPSS 0.2%CVE-2026-1518LOWKeycloak: blind server-side request forgery (ssrf) via ciba backchannel notification endpoint in keycloakEPSS 0.2%CVE-2026-10609MEDIUMOpenshift/cluster-logging-operator: cluster logging operator creates and forwards serviceaccount tokens without verifying clf creator authorizationEPSS 0.2%CVE-2024-0340MEDIUMKernel: information disclosure in vhost/vhost.c:vhost_new_msg()EPSS 0.2%CVE-2025-0750MEDIUMCri-o: cri-o path traversal in log handling functions allows arbitrary unmountingEPSS 0.2%CVE-2023-5090MEDIUMKernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrsEPSS 0.2%CVE-2023-3180MEDIUMHeap buffer overflow in virtio_crypto_sym_op_helper()EPSS 0.2%CVE-2024-45781MEDIUMGrub2: fs/ufs: oob write in the heapEPSS 0.2%CVE-2025-12103MEDIUMOpenshift-ai: trusty ai grants all authenticated users to list pods in any namespaceEPSS 0.2%CVE-2024-45776MEDIUMGrub2: grub-core/gettext: integer overflow leads to heap oob write and read.EPSS 0.2%CVE-2026-12388MEDIUMKeycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapperEPSS 0.2%CVE-2026-58379HIGHGimp: gimp: heap buffer overflow in read_channel_data()EPSS 0.2%CVE-2025-66286MEDIUMWebkitgtk: authorization bypass through webpage::send-request signal handlerEPSS 0.2%