Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-10	CVE-2018-10872	Unspecified vulnerability in Redhat products A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. local low complexity redhat	5.5
2018-07-10	CVE-2018-1129	Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. low complexity redhat ceph debian opensuse CWE-287	6.5
2018-07-10	CVE-2018-1128	Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. high complexity redhat debian opensuse CWE-287	7.5
2018-07-06	CVE-2018-10892	The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. network low complexity docker mobyproject redhat opensuse	5.3
2018-06-26	CVE-2018-3760	Information Exposure vulnerability in multiple products There is an information leak vulnerability in Sprockets. network low complexity redhat sprockets-project debian CWE-200	7.5
2018-06-21	CVE-2018-3665	Information Exposure vulnerability in multiple products System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. local high complexity intel citrix freebsd redhat debian canonical CWE-200	5.6
2018-06-13	CVE-2018-10850	Race Condition vulnerability in multiple products 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. network high complexity fedoraproject redhat debian CWE-362	5.9
2018-06-11	CVE-2018-5184	Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. network low complexity debian mozilla canonical redhat CWE-326	7.5
2018-06-11	CVE-2018-5117	If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. network low complexity debian redhat mozilla canonical	5.3