RED HAT — Vulnerabilities & Security Advisories 691

Browse all 691 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-66286	Webkitgtk: authorization bypass through webpage::send-request signal handler — Red Hat Enterprise Linux 6CWE-639	4.7	Medium	2026-04-23
CVE-2026-6384	Gimp: gimp: arbitrary code execution or denial of service via buffer overflow in gif image processing — Red Hat Enterprise Linux 6CWE-120	7.3	High	2026-04-15
CVE-2026-40919	Gimp: gimp: denial of service via specially crafted seattle filmworks file — Red Hat Enterprise Linux 6CWE-787	6.1	Medium	2026-04-15
CVE-2026-40918	Gimp: gimp: denial of service via crafted pvr image file — Red Hat Enterprise Linux 6CWE-131	5.5	Medium	2026-04-15
CVE-2026-40917	Gimp: gimp: application crashes or information disclosure via crafted icns image files — Red Hat Enterprise Linux 6CWE-125	5.0	Medium	2026-04-15
CVE-2026-40916	Gimp: gimp: denial of service due to stack buffer overflow in tim image loader — Red Hat Enterprise Linux 6CWE-787	5.0	Medium	2026-04-15
CVE-2026-40915	Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader — Red Hat Enterprise Linux 6CWE-190	5.5	Medium	2026-04-15
CVE-2026-2272	Gimp: gimp: memory corruption due to integer overflow in ico file handling — Red Hat Enterprise Linux 6CWE-190	4.3	Medium	2026-03-26
CVE-2026-2271	Gimp: gimp: denial of service via crafted psp image file — Red Hat Enterprise Linux 6CWE-190	3.3	Low	2026-03-26
CVE-2026-4887	Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image — Red Hat Enterprise Linux 6CWE-193	6.1	Medium	2026-03-26
CVE-2024-43168	Unbound: heap-buffer-overflow in unbound — Red Hat Enterprise Linux 6CWE-122	4.8	Medium	2024-08-08
CVE-2024-43167	Unbound: null pointer dereference in unbound — Red Hat Enterprise Linux 6CWE-476	2.8	Low	2024-08-08
CVE-2024-1013	Unixodbc: out of bounds stack write due to pointer-to-integer types conversion — Red Hat Enterprise Linux 6CWE-823	7.8	High	2024-03-18
CVE-2023-7216	Cpio: extraction allows symlinks which enables remote command execution — Red Hat Enterprise Linux 6CWE-59	5.3	Medium	2024-02-05
CVE-2023-39197	Kernel: dccp: conntrack out-of-bounds read in nf_conntrack_dccp_packet() — Red Hat Enterprise Linux 6CWE-125	4.0	Medium	2024-01-23
CVE-2023-6270	Kernel: aoe: improper reference count leads to use-after-free vulnerability — Red Hat Enterprise Linux 6CWE-416	7.0	High	2024-01-04
CVE-2023-7042	Kernel: null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() — Red Hat Enterprise Linux 6CWE-476	4.4	Medium	2023-12-21
CVE-2023-6277	Libtiff: out-of-memory in tiffopen via a craft file — Red Hat Enterprise Linux 6CWE-400	6.5	Medium	2023-11-24
CVE-2023-5341	Imagemagick: heap use-after-free in coders/bmp.c — Red Hat Enterprise Linux 6CWE-416	6.2	Medium	2023-11-19
CVE-2023-3397	Kernel: slab-use-after-free write in txend due to race condition — Red Hat Enterprise Linux 6CWE-416	7.0	High	2023-11-01
CVE-2023-5568	Samba: heap buffer overflow with freshness tokens in the heimdal kdc — Red Hat Enterprise Linux 6CWE-122	5.9	Medium	2023-10-24
CVE-2023-3428	Imagemagick: heap-buffer-overflow in coders/tiff.c — Red Hat Enterprise Linux 6CWE-122	6.2	Medium	2023-10-04
CVE-2023-5156	Glibc: dos due to memory leak in getaddrinfo.c — Red Hat Enterprise Linux 6CWE-401	7.5	High	2023-09-25
CVE-2023-4385	Kernel: jfs: null pointer dereference in dbfree() — Red Hat Enterprise Linux 6CWE-476	5.5	Medium	2023-08-16
CVE-2023-38560	Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name — Red Hat Enterprise Linux 6CWE-190	5.5	Medium	2023-08-01
CVE-2023-4010	Kernel: usb: hcd: malformed usb descriptor leads to infinite loop in usb_giveback_urb() — Red Hat Enterprise Linux 6CWE-835	4.6	Medium	2023-07-31
CVE-2023-3745	Imagemagick: heap-buffer-overflow in pushcharpixel() in quantum-private.h — Red Hat Enterprise Linux 6CWE-125	5.5	Medium	2023-07-24
CVE-2023-38252	W3m: out of bounds read in strnew_size() at w3m/str.c — Red Hat Enterprise Linux 6CWE-125	4.7	Medium	2023-07-14
CVE-2023-3106	Kernel: netlink socket crash (null pointer deref) in netlink_dump function — Red Hat Enterprise Linux 6CWE-476	6.6	Medium	2023-07-12
CVE-2023-3108	Kernel: a race condition in crypto module in the function skcipher_recvmsg — Red Hat Enterprise Linux 6	6.2	Medium	2023-07-11

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

RED HAT — Vulnerabilities & Security Advisories 691