Vulnerabilities > Redhat > Enterprise Linux Server EUS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-16511 | Incorrect Type Conversion or Cast vulnerability in multiple products An issue was discovered in Artifex Ghostscript before 9.24. | 7.8 |
| 2018-09-05 | CVE-2018-16509 | An issue was discovered in Artifex Ghostscript before 9.24. | 7.8 |
| 2018-08-30 | CVE-2018-14622 | Unchecked Return Value vulnerability in multiple products A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. | 7.5 |
| 2018-08-28 | CVE-2018-15911 | Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15910 | Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15909 | Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | 7.8 |
| 2018-08-20 | CVE-2015-5160 | Information Exposure vulnerability in multiple products libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. | 5.5 |
| 2018-08-17 | CVE-2018-10873 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. | 8.8 |
| 2018-08-09 | CVE-2018-10915 | SQL Injection vulnerability in multiple products A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. | 7.5 |