Vulnerabilities > Redhat > Enterprise Linux Server EUS > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-14 CVE-2018-14638 Double Free vulnerability in multiple products
A flaw was found in 389-ds-base before version 1.3.8.4-13.
network
low complexity
fedoraproject redhat CWE-415
7.5
2018-09-10 CVE-2018-16802 An issue was discovered in Artifex Ghostscript before 9.25.
local
low complexity
artifex debian canonical redhat
7.8
2018-09-10 CVE-2016-7035 Improper Authorization vulnerability in multiple products
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface.
local
low complexity
clusterlabs redhat CWE-285
7.8
2018-09-06 CVE-2018-5391 Improper Input Validation vulnerability in multiple products
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly.
7.5
2018-09-06 CVE-2018-14624 A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16.
network
low complexity
fedoraproject redhat debian
7.5
2018-09-05 CVE-2018-16540 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
local
low complexity
artifex redhat debian canonical CWE-416
7.8
2018-09-05 CVE-2018-16511 Incorrect Type Conversion or Cast vulnerability in multiple products
An issue was discovered in Artifex Ghostscript before 9.24.
local
low complexity
debian artifex canonical redhat CWE-704
7.8
2018-09-05 CVE-2018-16509 An issue was discovered in Artifex Ghostscript before 9.24.
local
low complexity
debian artifex canonical redhat
7.8
2018-08-30 CVE-2018-14622 Unchecked Return Value vulnerability in multiple products
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3.
7.5
2018-08-28 CVE-2018-15911 Use of Uninitialized Resource vulnerability in multiple products
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
7.8