Vulnerabilities > Redhat > Enterprise Linux Server

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2018-09-04 | CVE-2018-10904 | | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. | network | low | gluster, redhat, debian, opensuse | | 8.8 |
| 2018-09-04 | CVE-2018-16435 | Integer Overflow or Wraparound vulnerability in multiple products | Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. | local | low | littlecms, canonical, redhat, debian | CWE-190 | 5.5 |
| 2018-09-03 | CVE-2018-16402 | Double Free vulnerability in multiple products | libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | network | low | elfutils-project, debian, redhat, opensuse, canonical | CWE-415 | 9.8 (critical) |
| 2018-08-29 | CVE-2018-12828 | | Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. | network | low | adobe, redhat | | 9.8 (critical) |
| 2018-08-29 | CVE-2018-12827 | Out-of-bounds Read vulnerability in multiple products | Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. | network | low | adobe, redhat | CWE-125 | 7.5 |
| 2018-08-29 | CVE-2018-12826 | Out-of-bounds Read vulnerability in multiple products | Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. | network | low | adobe, redhat | CWE-125 | 7.5 |
| 2018-08-29 | CVE-2018-12825 | | Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. | network | low | adobe, redhat | | 9.8 (critical) |
| 2018-08-29 | CVE-2018-12824 | Out-of-bounds Read vulnerability in multiple products | Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. | network | high | adobe, redhat | CWE-125 | 5.9 |
| 2018-08-29 | CVE-2018-16062 | Out-of-bounds Read vulnerability in multiple products | dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | | | | | 5.5 |
| 2018-08-28 | CVE-2017-15429 | Cross-site Scripting vulnerability in multiple products | Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | network | low | google, debian, redhat | CWE-79 | 6.1 |