Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-10 CVE-2016-7056 Covert Timing Channel vulnerability in multiple products
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
local
low complexity
openssl debian redhat canonical CWE-385
5.5
5.5
2018-09-05 CVE-2018-16542 Out-of-bounds Write vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
local
low complexity
artifex redhat debian canonical CWE-787
5.5
5.5
2018-09-04 CVE-2018-10930 Improper Input Validation vulnerability in multiple products
A flaw was found in RPC request using gfs3_rename_req in glusterfs server.
network
low complexity
gluster redhat debian opensuse CWE-20
4.0
4.0
2018-09-04 CVE-2018-10928 Link Following vulnerability in multiple products
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume.
network
low complexity
debian redhat gluster opensuse CWE-59
6.5
6.5
2018-09-04 CVE-2018-10926 Improper Input Validation vulnerability in multiple products
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server.
network
low complexity
redhat debian gluster opensuse CWE-20
6.5
6.5
2018-08-06 CVE-2017-8989 Open Redirect vulnerability in HP Icewall SSO 10.0/11.0
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
network
low complexity
hp microsoft redhat CWE-601
6.4
6.4
2018-08-01 CVE-2018-10894 Improper Certificate Validation vulnerability in Redhat Keycloak and Single Sign-On
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates.
network
low complexity
redhat CWE-295
5.5
5.5
2018-07-30 CVE-2018-10883 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
debian linux canonical redhat CWE-787
5.5
5.5
2018-07-27 CVE-2017-2618 Off-by-one Error vulnerability in multiple products
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10.
local
low complexity
linux redhat debian CWE-193
5.5
5.5
2018-07-27 CVE-2018-10882 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
linux debian canonical redhat CWE-787
5.5
5.5