Vulnerabilities > Redhat > Enterprise Linux Server AUS

DATE CVE VULNERABILITY TITLE RISK
2018-10-15 CVE-2018-17961 Information Exposure Through an Error Message vulnerability in multiple products
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.
local
low complexity
artifex debian canonical redhat CWE-209
8.6
2018-10-08 CVE-2018-1000805 Incorrect Authorization vulnerability in multiple products
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE.
network
low complexity
paramiko redhat debian canonical CWE-863
8.8
2018-10-06 CVE-2018-17456 Argument Injection or Modification vulnerability in multiple products
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
network
low complexity
git-scm redhat canonical debian CWE-88
critical
9.8
2018-10-04 CVE-2018-11784 Open Redirect vulnerability in multiple products
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g.
network
low complexity
apache debian canonical netapp redhat oracle CWE-601
4.3
2018-10-03 CVE-2018-17972 Race Condition vulnerability in multiple products
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11.
local
low complexity
linux canonical redhat debian CWE-362
5.5
2018-09-27 CVE-2018-14650 It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user.
local
low complexity
sos-collector-project redhat
5.0
2018-09-25 CVE-2018-14634 An integer overflow flaw was found in the Linux kernel's create_elf_tables() function.
local
low complexity
linux redhat canonical netapp
7.8
2018-09-25 CVE-2018-14633 A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed.
network
high complexity
linux debian canonical redhat
7.0
2018-09-19 CVE-2018-17183 Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
local
low complexity
debian canonical artifex redhat
7.8
2018-09-10 CVE-2018-16802 An issue was discovered in Artifex Ghostscript before 9.25.
local
low complexity
artifex debian canonical redhat
7.8