Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

RED HAT — Vulnerabilities & Security Advisories 710

Browse all 710 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

Top products by RED HAT: Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 6 Ansible Red Hat build of Keycloak 26.4 Red Hat Enterprise Linux 9 keycloak Red Hat Hardened Images Red Hat Build of Keycloak Red Hat build of Keycloak 26.2 Red Hat Enterprise Linux 7 glusterfs kernel newlib undertow Red Hat Single Sign-On 7 Red Hat Ansible Automation Platform 2.5 for RHEL 8 OpenShift samba Red Hat Ansible Automation Platform 2.4 for RHEL 8 ipa cloudforms cfme Red Hat Quay 3 Red Hat Advanced Cluster Security 4.2 wildfly Red Hat build of Apache Camel for Spring Boot 4 Red Hat Ansible Automation Platform 2 Red Hat Quay 3.16 Red Hat Satellite 6.16 for RHEL 8
CVE IDTitleCVSSSeverityPublished
CVE-2023-3637 Openstack-neutron: unrestricted creation of security groups (fix for cve-2022-3277) — Red Hat OpenStack Platform 16.2CWE-400 4.3 Medium2023-07-25
CVE-2023-3640 Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space — Red Hat Enterprise Linux 9CWE-203 7.0 High2023-07-24
CVE-2023-33951 Kernel: vmwgfx: race condition leading to information disclosure vulnerability — Red Hat Enterprise Linux 8CWE-413 6.7 Medium2023-07-24
CVE-2023-3750 Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service — Red Hat Enterprise Linux 9CWE-667 6.5 Medium2023-07-24
CVE-2023-3745 Imagemagick: heap-buffer-overflow in pushcharpixel() in quantum-private.h — Red Hat Enterprise Linux 6CWE-125 5.5 Medium2023-07-24
CVE-2023-3812 Kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags — Red Hat Enterprise Linux 8CWE-787 7.8 High2023-07-24
CVE-2023-3384 Quay: stored cross site scripting — Red Hat Quay 3CWE-79 5.4 Medium2023-07-24
CVE-2023-3567 Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race — Red Hat Enterprise Linux 8CWE-416 7.1 High2023-07-24
CVE-2023-3019 Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest() — Red Hat Enterprise Linux 8CWE-416 6.0 Medium2023-07-24
CVE-2023-38200 Keylime: registrar is subject to a dos against ssl connections — Red Hat Enterprise Linux 9CWE-400 7.5 High2023-07-24
CVE-2023-33952 Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects — Red Hat Enterprise Linux 8CWE-415 6.7 Medium2023-07-24
CVE-2023-34968 Samba: spotlight server-side share path disclosure — Red Hat Enterprise Linux 8CWE-201 5.3 Medium2023-07-20
CVE-2023-34967 Samba: type confusion in mdssvc rpc service for spotlight — Red Hat Enterprise Linux 8CWE-843 5.3 Medium2023-07-20
CVE-2023-34966 Samba: infinite loop in mdssvc rpc service for spotlight — Red Hat Enterprise Linux 8CWE-835 7.5 High2023-07-20
CVE-2023-3347 Samba: smb2 packet signing is not enforced when "server signing = required" is set — Red Hat Enterprise Linux 8CWE-347 5.9 Medium2023-07-20
CVE-2022-2127 Samba: out-of-bounds read in winbind auth_crap — Red Hat Enterprise Linux 8CWE-125 5.9 Medium2023-07-20
CVE-2023-3674 Keylime: attestation failure when the quote's signature does not validate — Red Hat Enterprise Linux 9CWE-1283 2.3 Low2023-07-19
CVE-2023-38252 W3m: out of bounds read in strnew_size() at w3m/str.c — Red Hat Enterprise Linux 6CWE-125 4.7 Medium2023-07-14
CVE-2023-3106 Kernel: netlink socket crash (null pointer deref) in netlink_dump function — Red Hat Enterprise Linux 6CWE-476 6.6 Medium2023-07-12
CVE-2023-3108 Kernel: a race condition in crypto module in the function skcipher_recvmsg — Red Hat Enterprise Linux 6 6.2 Medium2023-07-11
CVE-2023-2974 Quarkus-core: tls protocol configured with quarkus.http.ssl.protocols is not enforced, client can enforce weaker supported tls protocol — Red Hat build of Quarkus 2.13.8.FinalCWE-757 6.5 Medium2023-07-04
CVE-2022-3205 Controller: cross site scripting in automation controller ui — Red Hat Ansible Automation Platform 1.2CWE-79 4.6 Medium2022-09-13
CVE-2020-27792 Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c — Red Hat Enterprise Linux 8CWE-119 7.1 High2022-08-19
CVE-2020-14341 Red Hat Single Sign-On 安全漏洞 — Red Hat Single Sign-OnCWE-385 2.7 -2021-01-12
CVE-2020-14366 Red Hat Keycloak 路径遍历漏洞 — keycloakCWE-22 6.8 Medium2020-11-09
CVE-2020-25655 Red Hat Advanced Cluster Management 安全漏洞 — open-cluster-managementCWE-863 5.7 Medium2020-11-09
CVE-2020-25661 Linux kernel 安全漏洞 — kernelCWE-843 7.5 High2020-11-05
CVE-2020-25662 Linux kernel 信息泄露漏洞 — kernelCWE-284 5.3 Medium2020-11-05
CVE-2020-25689 Red Hat Wildfly 资源管理错误漏洞 — wildfly-coreCWE-401 5.3 Medium2020-10-30
CVE-2020-25633 Red Hat Resteasy 安全漏洞 — resteasy-clientCWE-209 5.3 Medium2020-09-18

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.