RED HAT — Vulnerabilities & Security Advisories 706

Browse all 706 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

Found 83 results / 706
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-4948 | Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization | Red Hat Enterprise Linux 10 | CWE-279 | 5.5 | Medium | 2026-03-27 |
| CVE-2026-0965 | Libssh: libssh: denial of service via improper configuration file handling | Red Hat Enterprise Linux 10 | CWE-73 | 5.5 | - | 2026-03-26 |
| CVE-2026-0967 | Libssh: libssh: denial of service via inefficient regular expression processing | Red Hat Enterprise Linux 10 | CWE-1333 | 7.5 | - | 2026-03-26 |
| CVE-2026-0968 | Libssh: libssh: denial of service due to malformed sftp message | Red Hat Enterprise Linux 10 | CWE-476 | 3.1 | Low | 2026-03-26 |
| CVE-2026-0964 | Libssh: improper sanitation of paths received from scp servers | Red Hat Enterprise Linux 10 | CWE-22 | 8.8 | - | 2026-03-26 |
| CVE-2026-0966 | Libssh: libssh: denial of service via zero-length input in ssh_get_hexa() | Red Hat Enterprise Linux 10 | CWE-124 | 7.5 (AI) | High (AI) | 2026-03-26 |
| CVE-2026-2100 | P11-kit: null dereference via c_derivekey with specific null parameters | Red Hat Enterprise Linux 10 | CWE-824 | 5.3 | Medium | 2026-03-26 |
| CVE-2026-2436 | Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake | Red Hat Enterprise Linux 10 | CWE-825 | 6.5 | Medium | 2026-03-26 |
| CVE-2026-4897 | Polkit: polkit: denial of service via unbounded input processing through standard input | Red Hat Enterprise Linux 10 | CWE-770 | 5.5 | Medium | 2026-03-26 |
| CVE-2026-4775 | Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing | Red Hat Enterprise Linux 10 | CWE-190 | 7.8 | High | 2026-03-24 |
| CVE-2026-1940 | Gstreamer: incomplete fix of cve-2026-1940 | Red Hat Enterprise Linux 10 | | 5.1 | Medium | 2026-03-23 |
| CVE-2026-4647 | Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library | Red Hat Enterprise Linux 10 | CWE-125 | 6.1 | Medium | 2026-03-23 |
| CVE-2026-2369 | Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources | Red Hat Enterprise Linux 10 | CWE-191 | 6.5 | Medium | 2026-03-19 |
| CVE-2026-4424 | Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing | Red Hat Enterprise Linux 10 | CWE-125 | 7.5 | High | 2026-03-19 |
| CVE-2026-4271 | Libsoup: libsoup: denial of service via use-after-free in http/2 server | Red Hat Enterprise Linux 10 | CWE-416 | 5.3 | Medium | 2026-03-17 |
| CVE-2026-3633 | Libsoup: libsoup: header and http request injection via crlf injection | Red Hat Enterprise Linux 10 | CWE-93 | 3.9 | Low | 2026-03-17 |
| CVE-2026-3634 | Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header | Red Hat Enterprise Linux 10 | CWE-93 | 3.9 | Low | 2026-03-17 |
| CVE-2026-3632 | Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames | Red Hat Enterprise Linux 10 | CWE-1286 | 3.9 | Low | 2026-03-17 |
| CVE-2026-3441 | Binutils: gnu binutils: information disclosure via specially crafted xcoff object file | Red Hat Enterprise Linux 10 | CWE-125 | 6.1 | Medium | 2026-03-15 |
| CVE-2026-3442 | Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker | Red Hat Enterprise Linux 10 | CWE-125 | 6.1 | Medium | 2026-03-15 |
| CVE-2026-4111 | Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive | Red Hat Enterprise Linux 10 | CWE-835 | 7.5 | High | 2026-03-13 |
| CVE-2026-3099 | Libsoup: libsoup: authentication bypass via digest authentication replay attack | Red Hat Enterprise Linux 10 | CWE-323 | 5.8 | Medium | 2026-03-12 |
| CVE-2026-3234 | Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection | Red Hat Enterprise Linux 10 | CWE-93 | 4.3 | Medium | 2026-03-12 |
| CVE-2025-12801 | Nfs-utils: rpc.mountd in the nfs-utils privilege escalation | Red Hat Enterprise Linux 10 | CWE-279 | 6.5 | Medium | 2026-03-04 |
| CVE-2026-28295 | Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses | Red Hat Enterprise Linux 10 | CWE-918 | 4.3 | Medium | 2026-02-26 |
| CVE-2026-28296 | Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths | Red Hat Enterprise Linux 10 | CWE-93 | 4.3 | Medium | 2026-02-26 |
| CVE-2026-26104 | Udisks: missing authorization check allows unprivileged users to back up luks headers via udisks d-bus api | Red Hat Enterprise Linux 10 | CWE-862 | 5.5 | Medium | 2026-02-25 |
| CVE-2026-26103 | Udisks: missing authorization check allows unprivileged users to restore luks headers via udisks d-bus api | Red Hat Enterprise Linux 10 | CWE-862 | 7.1 | High | 2026-02-25 |
| CVE-2026-2443 | Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure | Red Hat Enterprise Linux 10 | CWE-125 | 5.3 | Medium | 2026-02-13 |
| CVE-2025-14831 | Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification | Red Hat Enterprise Linux 10 | CWE-407 | 5.3 | Medium | 2026-02-09 |

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.