Vulnerabilities > Redhat > Enterprise Linux Desktop > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-10 | CVE-2018-1128 | Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. | 5.4 |
| 2018-07-10 | CVE-2018-10861 | Improper Authentication vulnerability in multiple products A flaw was found in the way ceph mon handles user requests. | 5.5 |
| 2018-07-09 | CVE-2018-5001 | Out-of-bounds Read vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. | 4.3 |
| 2018-07-09 | CVE-2018-5000 | Integer Overflow or Wraparound vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. | 4.3 |
| 2018-07-09 | CVE-2018-4945 | Incorrect Type Conversion or Cast vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. | 6.8 |
| 2018-07-09 | CVE-2018-13785 | Integer Overflow or Wraparound vulnerability in multiple products In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. | 4.3 |
| 2018-07-03 | CVE-2018-1113 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat products setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. | 4.6 |
| 2018-07-01 | CVE-2018-13033 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. | 4.3 |
| 2018-06-26 | CVE-2018-10852 | Information Exposure vulnerability in multiple products The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. | 5.0 |
| 2018-06-22 | CVE-2017-2668 | NULL Pointer Dereference vulnerability in multiple products 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. | 4.3 |