Vulnerabilities in Red Hat

1,513 results
Vexday Analysis

With 1,477 CVEs catalogued and 232 appearing in the last 90 days alone, the volume of vulnerabilities associated with Red Hat calls for continuous monitoring. The rate of active exploitation is below the overall catalogue average, with only 1 CVE confirmed in CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and deserving priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2026-4878 | MEDIUM | Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() | EPSS 0.2%
CVE-2025-58712 | MEDIUM | Amq: privilege escalation via excessive /etc/passwd permissions | EPSS 0.2%
CVE-2025-25209 | MEDIUM | Rhcl: sharedsecretref can be used to leak secrets severity | EPSS 0.2%
CVE-2026-28295 | MEDIUM | Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses | EPSS 0.2%
CVE-2025-3528 | HIGH | Mirror-registry: local privilege escalation due to incorrect permissions in mirror-registry | EPSS 0.2%
CVE-2026-10052 | MEDIUM | Quay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpoints | EPSS 0.2%
CVE-2026-53704 | HIGH | Gstreamer1-plugins-ugly-free: gstreamer: out-of-bounds read in realmedia demuxer fileinfo metadata parser | EPSS 0.2%
CVE-2026-9796 | MEDIUM | Keycloak: keycloak: privilege escalation via time-of-check to time-of-use (toctou) vulnerability | EPSS 0.2%
CVE-2025-12748 | MEDIUM | Libvirt: denial of service in xml parsing | EPSS 0.2%
CVE-2025-31178 | MEDIUM | Gnuplot: gnuplot segmentation fault on getannotatestring | EPSS 0.2%
CVE-2026-13083 | MEDIUM | Pen-drive: pen-drive: stored xss via unescaped cluster data in html report | EPSS 0.2%
CVE-2025-31179 | MEDIUM | Gnuplot: gnuplot segmentation fault on xstrftime | EPSS 0.2%
CVE-2025-31181 | MEDIUM | Gnuplot: gnuplot segmentation fault on x11_graphics | EPSS 0.2%
CVE-2026-3634 | LOW | Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header | EPSS 0.2%
CVE-2025-31180 | MEDIUM | Gnuplot: gnuplot segmentation fault on canvas_text | EPSS 0.2%
CVE-2026-35093 | HIGH | Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins | EPSS 0.2%
CVE-2025-31176 | MEDIUM | Gnuplot: gnuplot segmentation fault on plot3d_points | EPSS 0.2%
CVE-2025-7519 | MEDIUM | Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write | EPSS 0.2%
CVE-2026-10028 | MEDIUM | Glib-networking: infinite loop in glib-networking gnutls backend allows remote denial of service via circular certificate chain | EPSS 0.2%
CVE-2023-3108 | MEDIUM | Kernel: a race condition in crypto module in the function skcipher_recvmsg | EPSS 0.2%