Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-03	CVE-2018-17972	Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. local low complexity linux canonical redhat debian CWE-362	5.5
2018-09-27	CVE-2018-14650	It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. local low complexity sos-collector-project redhat	5.0
2018-09-25	CVE-2018-14634	An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. local low complexity linux redhat canonical netapp	7.8
2018-09-25	CVE-2018-14633	A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. network high complexity linux debian canonical redhat	7.0
2018-09-19	CVE-2018-17183	Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. local low complexity debian canonical artifex redhat	7.8
2018-09-10	CVE-2018-16802	An issue was discovered in Artifex Ghostscript before 9.25. local low complexity artifex debian canonical redhat	7.8
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-09-06	CVE-2018-14624	A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. network low complexity fedoraproject redhat debian	7.5
2018-09-05	CVE-2018-16541	Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. local low complexity artifex canonical debian redhat CWE-416	5.5
2018-09-05	CVE-2018-16540	Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. local low complexity artifex redhat debian canonical CWE-416	7.8