Vulnerabilidades em Red Hat

1.514 resultados
Análise Vexday

Com 1.477 CVEs catalogadas e 232 surgidas apenas nos últimos 90 dias, o volume de vulnerabilidades associadas ao Red Hat exige monitoramento contínuo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 1 CVE confirmada no CISA KEV — a CVE-2023-4911, que apresenta EPSS de 0,7861, indicando probabilidade elevada de exploração e merecendo atenção prioritária de equipes de resposta. Das 34 vulnerabilidades de severidade crítica, 18 contam com prova de conceito pública disponível, o que reduz a barreira técnica para exploração e aumenta o risco operacional. O tipo de falha mais recorrente é CWE-125 (leitura fora dos limites), padrão que frequentemente viabiliza vazamento de dados ou corrupção de memória e deve orientar revisões de hardening e priorização de patches.

CVE-2026-10840HIGHOpenshift-pipelines-operator-rh: openshift-pipelines-operator: tekton-scheduler-rolebinding grants system:authenticated write access to kueue and cert-manager resourcesEPSS 0.2%CVE-2026-4647MEDIUMBinutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd libraryEPSS 0.2%CVE-2025-61661MEDIUMGrub2: grub2: out-of-bounds write via malicious usb deviceEPSS 0.2%CVE-2025-57850MEDIUMCodeready-ws: privilege escalation via excessive /etc/passwd permissionsEPSS 0.2%CVE-2025-9907MEDIUMEvent-driven-ansible: event stream test mode exposes sensitive headers in aap edaEPSS 0.2%CVE-2025-9909MEDIUMAap-gateway: improper path validation in gateway allows credential exfiltrationEPSS 0.2%CVE-2026-40917MEDIUMGimp: gimp: application crashes or information disclosure via crafted icns image filesEPSS 0.2%CVE-2026-9799MEDIUMKeycloak: keycloak: unauthorized access to resources via uma permission ticket bypassEPSS 0.2%CVE-2025-5791HIGHUsers: `root` appended to group listingsEPSS 0.2%CVE-2025-57848MEDIUMContainer-native-virtualization: privilege escalation via excessive /etc/passwd permissionsEPSS 0.2%CVE-2026-50259HIGHXorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexingEPSS 0.2%CVE-2026-7163MEDIUMAssisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosureEPSS 0.2%CVE-2025-5917LOWLibarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.cEPSS 0.2%CVE-2025-12464MEDIUMQemu-kvm: stack buffer overflow in e1000 device via short frames in loopback modeEPSS 0.2%CVE-2026-6855HIGHInstructlab: instructlab: path traversal allows arbitrary directory creation and file writeEPSS 0.2%CVE-2026-13318MEDIUMVirt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ipEPSS 0.2%CVE-2025-8766MEDIUMNoobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core containerEPSS 0.2%CVE-2026-5745MEDIUMLibarchive: a null pointer dereference vulnerability exists in the acl parser of libarchiveEPSS 0.2%CVE-2025-5915MEDIUMLibarchive: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.cEPSS 0.2%CVE-2025-9615LOWNetworkmanager: networkmanager file accessEPSS 0.2%