Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2018-10882 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
linux debian canonical redhat
5.5
5.5
2018-07-27 CVE-2017-2625 It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys.
local
low complexity
x-org redhat
5.5
5.5
2018-07-27 CVE-2017-2623 Improper Certificate Validation vulnerability in multiple products
It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering.
network
high complexity
rpm-ostree redhat CWE-295
5.3
5.3
2018-07-26 CVE-2017-12171 A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly.
network
low complexity
redhat apache
6.5
6.5
2018-07-26 CVE-2017-7562 An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates.
network
low complexity
redhat mit
6.5
6.5
2018-07-25 CVE-2018-1002200 Path Traversal vulnerability in multiple products
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.
local
low complexity
codehaus-plexus redhat debian CWE-22
5.5
5.5
2018-07-25 CVE-2018-10880 Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
local
low complexity
debian linux redhat canonical
5.5
5.5
2018-07-18 CVE-2018-10877 Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
local
low complexity
canonical linux debian redhat
6.5
6.5
2018-07-16 CVE-2018-10840 Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function.
low complexity
linux canonical redhat
6.6
6.6
2018-07-10 CVE-2018-3693 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. 5.6
5.6