Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-28	CVE-2023-5981	Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. network high complexity gnu redhat fedoraproject CWE-203	5.9
2020-08-28	CVE-2019-4579	Unspecified vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. network low complexity ibm redhat	4.0
2020-08-28	CVE-2019-4533	Improper Input Validation vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. network low complexity ibm redhat CWE-20	4.0
2018-10-17	CVE-2018-7110	Race Condition vulnerability in HPE Service Governance Framework 4.2/4.3 A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. network hpe redhat CWE-362	4.3
2018-10-09	CVE-2018-17962	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. network low complexity qemu canonical debian oracle redhat suse CWE-119	5.0
2018-02-15	CVE-2018-1041	Infinite Loop vulnerability in multiple products A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. network low complexity jboss redhat CWE-835	5.0
2017-12-11	CVE-2014-3250	Improper Certificate Validation vulnerability in multiple products The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. network low complexity puppet apache redhat CWE-295	4.0
2007-09-25	CVE-2007-5079	Unspecified vulnerability in Redhat Linux 4.0 Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions. network redhat	6.0
2007-07-15	CVE-2007-3103	Link Following vulnerability in multiple products The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. local high complexity fedoraproject redhat CWE-59	6.2
2005-12-31	CVE-2005-3626	Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399	5.0