Vulnerabilities in Red Hat

1,513 results
Vexday Analysis

With 1,477 CVEs catalogued and 232 appearing in the last 90 days alone, the volume of vulnerabilities associated with Red Hat demands continuous monitoring. The active exploitation rate is below the catalogue's overall average, with only 1 CVE confirmed in the CISA KEV: CVE-2023-4911, which has an EPSS of 0.7861, indicating a high probability of exploitation and warranting priority attention from response teams. Of the 34 critical-severity vulnerabilities, 18 have a publicly available proof of concept, which lowers the technical barrier to exploitation and increases operational risk. The most recurrent flaw type is CWE-125 (out-of-bounds read), a pattern that frequently enables data leakage or memory corruption and should guide hardening reviews and patch prioritization.

CVE-2026-50257 | HIGH | Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence() | EPSS 0.1%
CVE-2026-6245 | MEDIUM | Sssd: out-of-bounds read in the sssd | EPSS 0.1%
CVE-2025-11537 | MEDIUM | Keycloak-server: sensitive headers shown in the http access logs | EPSS 0.1%
CVE-2026-50261 | HIGH | Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter() | EPSS 0.1%
CVE-2026-54230 | HIGH | Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites | EPSS 0.1%
CVE-2026-1485 | LOW | Glib: glib: local denial of service via buffer underflow in content type parsing | EPSS 0.1%
CVE-2026-1765 | MEDIUM | Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files | EPSS 0.1%
CVE-2026-11569 | MEDIUM | Quay: quay: stored xss via filedrop svg upload | EPSS 0.1%
CVE-2025-5731 | MEDIUM | Infinispan: credential leakage in infinispan cli | EPSS 0.1%
CVE-2026-57966 | MEDIUM | Spice-vdagent: path traversal in file transfer via unsanitized filename | EPSS 0.1%
CVE-2026-13601 | HIGH | Yelp: yelp-xsl: overly permissive content security policy in yelp allows host file disclosure from flatpak applications | EPSS 0.1%
CVE-2025-14876 | MEDIUM | Qemu-kvm: unbounded allocation in virtio-crypto | EPSS 0.1%
CVE-2026-50263 | MEDIUM | Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow() | EPSS 0.1%
CVE-2026-43958 | HIGH | Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service | EPSS 0.1%
CVE-2026-4897 | MEDIUM | Polkit: polkit: denial of service via unbounded input processing through standard input | EPSS 0.1%
CVE-2026-13595 | MEDIUM | Util-linux: util-linux: heap use-after-free in libblkid nested partition probing | EPSS 0.1%
CVE-2026-4367 | MEDIUM | Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing | EPSS 0.1%
CVE-2025-14821 | HIGH | Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows | EPSS 0.1%
CVE-2026-11819 | MEDIUM | Community.general: community.general keyring_info — os keyring passphrase returned in plaintext | EPSS 0.1%
CVE-2025-12390 | MEDIUM | Org.keycloak.protocol.oidc.endpoints.logoutendpoint: offline session takeover due to reused authentication session id | EPSS 0.1%