Red Hat — Vulnerabilities & Security Advisories 691

Browse all 691 CVE security advisories affecting Red Hat. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2017-2674 | Red Hat JBoss BRMS and BPM Suite input validation vulnerability | business-central | CWE-20 | 5.4 | - | 2018-07-27 |
| CVE-2017-7463 | Red Hat JBoss BRMS and BPM Suite cross-site scripting vulnerability | business-central | CWE-79 | 6.1 | - | 2018-07-27 |
| CVE-2017-12148 | Ansible Tower input validation vulnerability | Ansible Tower | CWE-20 | 7.2 | - | 2018-07-27 |
| CVE-2017-15113 | Red Hat oVirt Engine information disclosure vulnerability | ovirt-engine | CWE-212 | 5.9 | - | 2018-07-27 |
| CVE-2017-12165 | Red Hat Undertow security vulnerability | undertow | CWE-444 | 9.1 | - | 2018-07-27 |
| CVE-2017-12195 | Openshift Enterprise authorization issue vulnerability | OpenShift | CWE-287 | 4.8 | - | 2018-07-27 |
| CVE-2017-15125 | Red Hat CloudForms cross-site scripting vulnerability | cloudforms | CWE-79 | 5.4 | - | 2018-07-27 |
| CVE-2017-12167 | Red Hat JBoss Enterprise Application Platform information disclosure vulnerability | EAP-7 | CWE-732 | 3.3 | - | 2018-07-26 |
| CVE-2017-12171 | Red Hat Enterprise Linux access control error vulnerability | httpd | CWE-284 | 6.5 | - | 2018-07-26 |
| CVE-2017-12175 | Red Hat Satellite cross-site scripting vulnerability | Satellite | CWE-79 | 5.4 | - | 2018-07-26 |
| CVE-2017-2582 | Red Hat Picketlink and KeyCloak information disclosure vulnerability | keycloak | CWE-201 | 7.5 | - | 2018-07-26 |
| CVE-2017-7509 | Red Hat Certificate Server input validation vulnerability | Certificate System | CWE-20 | 6.5 | - | 2018-07-26 |
| CVE-2017-2589 | Hawtio servlet security vulnerability | hawtio | CWE-285 | 7.7 | - | 2018-07-26 |
| CVE-2017-7538 | Red Hat Satellite cross-site scripting vulnerability | Satellite | CWE-79 | 5.4 | - | 2018-07-26 |
| CVE-2016-8647 | Red Hat Ansible input validation error vulnerability | Ansible | CWE-20 | 6.5 | - | 2018-07-26 |
| CVE-2017-2664 | Red Hat CloudForms Management Engine permissions and access control vulnerability | CloudForms | CWE-284 | 8.1 | - | 2018-07-26 |
| CVE-2017-7543 | openstack-neutron race condition vulnerability | openstack-neutron | CWE-362 | 5.9 | - | 2018-07-26 |
| CVE-2017-7530 | Red Hat CloudForms Management Engine permissions and access control vulnerability | cfme | CWE-862 | 8.8 | - | 2018-07-26 |
| CVE-2018-10841 | GlusterFS permissions and access control issue vulnerability | glusterfs | CWE-288 | 8.8 | - | 2018-06-20 |
| CVE-2018-1111 | Red Hat Enterprise Linux command injection vulnerability | dhcp | CWE-77 | 7.5 | - | 2018-05-17 |
| CVE-2011-1594 | Spacewalk: spacewalk: open redirect vulnerability enables phishing attacks via url parameter | Red Hat Enterprise Linux 6 | CWE-601 | 6.5 | Medium | 2014-02-05 |
| CVE-2011-2920 | Spacewalk: spacewalk: cross-site scripting vulnerability allows arbitrary web script execution. | Red Hat Enterprise Linux 6 | CWE-79 | 5.5 | Medium | 2014-02-05 |
| CVE-2011-2927 | Spacewalk: spacewalk and red hat network satellite: cross-site scripting vulnerability via search forms | Red Hat Enterprise Linux 6 | CWE-79 | 5.4 | Medium | 2014-02-05 |
| CVE-2011-3344 | Spacewalk: spacewalk: cross-site scripting via uri in lookup login/password form | Red Hat Enterprise Linux 6 | CWE-79 | 5.4 | Medium | 2014-02-05 |
| CVE-2012-0059 | Spacewalk-backend: spacewalk-backend: information disclosure via cleartext passwords in error messages | Red Hat Enterprise Linux 6 | CWE-209 | 4.9 | Medium | 2014-02-05 |
| CVE-2013-0270 | Keystone: openstack keystone: denial of service via large http request with long tenant name | Red Hat OpenStack Platform 13 (Queens) | CWE-1284 | 6.5 | Medium | 2013-04-12 |
| CVE-2013-1815 | Packstack: red hat openstack: packstack: unauthorized system modification via insecure answer file creation | Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | CWE-379 | 6.1 | Medium | 2013-04-10 |
| CVE-2013-0261 | Packstack: packstack: arbitrary file overwrite via symlink attack | Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | CWE-59 | 8.8 | High | 2013-03-08 |
| CVE-2013-0266 | Puppetlabs-cinder: packstack: openstack: puppetlabs-cinder: information disclosure of openstack administrative passwords due to world-readable configuration files. | Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | CWE-276 | 5.5 | Medium | 2013-03-08 |
| CVE-2012-5571 | Openstack keystone: openstack keystone: authorization bypass via improper ec2 token handling | Red Hat OpenStack Platform 13 (Queens) | CWE-639 | 5.4 | Medium | 2012-12-18 |

This page lists every published CVE security advisory associated with Red Hat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.