Red Hat — Vulnerabilities & Security Advisories 694

Browse all 694 CVE security advisories affecting Red Hat. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

Found 80 results / 694
| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-1761 | Libsoup: stack-based buffer overflow in libsoup multipart response parsing multipart http response | Red Hat Enterprise Linux 10 | CWE-121 | 8.6 | High | 2026-02-02 |
| CVE-2026-1539 | Libsoup: libsoup: credential leakage via http redirects | Red Hat Enterprise Linux 10 | CWE-201 | 5.8 | Medium | 2026-01-28 |
| CVE-2026-1536 | Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header | Red Hat Enterprise Linux 10 | CWE-93 | 5.8 | Medium | 2026-01-28 |
| CVE-2026-1489 | Glib: glib: memory corruption via integer overflow in unicode case conversion | Red Hat Enterprise Linux 10 | CWE-787 | 5.4 | Medium | 2026-01-27 |
| CVE-2026-1485 | Glib: glib: local denial of service via buffer underflow in content type parsing | Red Hat Enterprise Linux 10 | CWE-124 | 2.8 | Low | 2026-01-27 |
| CVE-2026-1484 | Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode() | Red Hat Enterprise Linux 10 | CWE-787 | 4.2 | Medium | 2026-01-27 |
| CVE-2026-1467 | Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured | Red Hat Enterprise Linux 10 | CWE-93 | 5.8 | Medium | 2026-01-27 |
| CVE-2025-9820 | Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function | Red Hat Enterprise Linux 10 | CWE-121 | 4.0 | Medium | 2026-01-26 |
| CVE-2025-9615 | Networkmanager: networkmanager file access | Red Hat Enterprise Linux 10 | CWE-281 | 8.1 (AI) | High (AI) | 2026-01-26 |
| CVE-2025-14242 | Vsftpd: vsftpd: denial of service via integer overflow in ls command parameter parsing | Red Hat Enterprise Linux 10 | CWE-190 | 6.5 | Medium | 2026-01-14 |
| CVE-2026-0716 | Libsoup: out-of-bounds read in libsoup websocket frame processing | Red Hat Enterprise Linux 10 | CWE-805 | 4.8 | Medium | 2026-01-13 |
| CVE-2026-0719 | Libsoup: signed to unsigned conversion error leading to stack-based buffer overflow in libsoup ntlm authentication | Red Hat Enterprise Linux 10 | CWE-121 | 8.6 | High | 2026-01-08 |
| CVE-2025-14523 | Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins) | Red Hat Enterprise Linux 10 | CWE-444 | 8.2 | High | 2025-12-11 |
| CVE-2025-7493 | Freeipa: idm: privilege escalation from host to domain admin in freeipa | Red Hat Enterprise Linux 10 | CWE-1220 | 9.1 | Critical | 2025-09-30 |
| CVE-2025-5962 | Rhel-lightspeed: improper access control in lightspeed history management allows local privilege manipulation | Red Hat Enterprise Linux 10 | CWE-284 | 7.7 | High | 2025-09-22 |
| CVE-2025-9901 | Libsoup: improper handling of http vary header in libsoup caching | Red Hat Enterprise Linux 10 | CWE-524 | 5.9 | Medium | 2025-09-03 |
| CVE-2025-7039 | Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() | Red Hat Enterprise Linux 10 | CWE-22 | 3.7 | Low | 2025-09-03 |
| CVE-2025-6052 | Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring | Red Hat Enterprise Linux 10 | CWE-190 | 3.7 | Low | 2025-06-13 |
| CVE-2025-5024 | Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus | Red Hat Enterprise Linux 10 | CWE-400 | 7.4 | High | 2025-05-22 |
| CVE-2025-4035 | Libsoup: cookie domain validation bypass via uppercase characters in libsoup | Red Hat Enterprise Linux 10 | CWE-178 | 4.3 | Medium | 2025-04-29 |

This page lists every published CVE security advisory associated with Red Hat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.