Vulnerabilities > Redhat > Enterprise Linux Server EUS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-16542 | Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16541 | Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
| 2018-08-17 | CVE-2018-10873 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. | 6.5 |
| 2018-08-09 | CVE-2018-10915 | SQL Injection vulnerability in multiple products A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. | 6.0 |
| 2018-08-01 | CVE-2016-8635 | Improperly Implemented Security Check for Standard vulnerability in multiple products It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. | 5.9 |
| 2018-07-27 | CVE-2017-15097 | Link Following vulnerability in Redhat products Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. | 6.7 |
| 2018-07-27 | CVE-2017-2633 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. | 6.5 |
| 2018-07-27 | CVE-2017-2626 | Insufficient Entropy vulnerability in multiple products It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. | 5.5 |
| 2018-07-27 | CVE-2017-2618 | Off-by-one Error vulnerability in multiple products A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. | 5.5 |