Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-27	CVE-2017-2616	Race Condition vulnerability in multiple products A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. local util-linux-project debian redhat CWE-362	4.7
2018-07-27	CVE-2017-2625	Insufficient Entropy vulnerability in multiple products It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. local low complexity x-org redhat CWE-331	5.5
2018-07-27	CVE-2017-2590	Permission Issues vulnerability in multiple products A vulnerability was found in ipa before 4.4. network low complexity freeipa redhat CWE-275	5.5
2018-07-27	CVE-2017-12173	Improper Input Validation vulnerability in multiple products It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. network low complexity redhat fedoraproject CWE-20	4.0
2018-07-27	CVE-2017-12151	Cryptographic Issues vulnerability in multiple products A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. network samba debian redhat hp CWE-310	5.8
2018-07-26	CVE-2018-10881	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian canonical linux redhat CWE-787	5.5
2018-07-26	CVE-2017-12150	It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. network samba redhat debian	5.8
2018-07-26	CVE-2017-12171	Improper Access Control vulnerability in multiple products A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. network low complexity redhat apache CWE-284	6.5
2018-07-26	CVE-2017-7562	Improper Certificate Validation vulnerability in multiple products An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. network low complexity redhat mit CWE-295	6.5
2018-07-25	CVE-2018-13988	Out-of-bounds Read vulnerability in multiple products Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. network freedesktop canonical debian redhat CWE-125	4.3