Vulnerabilities in Red Hat

1512 results
Vexday Analysis

With 1,477 CVEs catalogued and 232 that appeared in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The rate of active exploitation is below the overall catalogue average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2026-34001 | HIGH | Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption | EPSS 0.3%
CVE-2026-58012 | MEDIUM | Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char() | EPSS 0.3%
CVE-2026-58010 | MEDIUM | Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal() | EPSS 0.3%
CVE-2026-6848 | MEDIUM | Quay: red hat quay: authentication bypass allows privileged actions without valid credentials | EPSS 0.3%
CVE-2025-0622 | MEDIUM | Grub2: command/gpg: use-after-free due to hooks not being removed on module unload | EPSS 0.3%
CVE-2026-4324 | MEDIUM | Rubygem-katello: katello: denial of service and potential information disclosure via sql injection | EPSS 0.3%
CVE-2024-45780 | MEDIUM | Grub2: fs/tar: integer overflow causes heap oob write | EPSS 0.3%
CVE-2026-3012 | HIGH | Samba: group policy certificate enrollment uses http:// without validation | EPSS 0.3%
CVE-2026-6384 | HIGH | Gimp: gimp: arbitrary code execution or denial of service via buffer overflow in gif image processing | EPSS 0.3%
CVE-2026-11850 | MEDIUM | Krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read | EPSS 0.3%
CVE-2024-45779 | MEDIUM | Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser | EPSS 0.3%
CVE-2025-14525 | MEDIUM | Kubevirt: kubevirt: vm administration denial of service via guest agent | EPSS 0.3%
CVE-2020-1705 | HIGH | A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification | EPSS 0.3%
CVE-2024-10306 | MEDIUM | Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests | EPSS 0.3%
CVE-2024-45769 | MEDIUM | Pcp: pmcd heap corruption through metric pmstore operations | EPSS 0.3%
CVE-2025-62230 | HIGH | Xorg: xwayland: use-after-free in xkb client resource removal | EPSS 0.3%
CVE-2025-11731 | LOW | Libxslt: type confusion in exsltfuncresultcompfunction of libxslt | EPSS 0.3%
CVE-2026-11792 | LOW | 389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string) | EPSS 0.3%
CVE-2023-6915 | MEDIUM | Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c | EPSS 0.3%
CVE-2023-6039 | MEDIUM | Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect | EPSS 0.3%