Vulnerabilities > Redhat > Openstack > 9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-30 | CVE-2019-10141 | SQL Injection vulnerability in multiple products A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. | 9.1 |
| 2019-07-11 | CVE-2019-10193 | Out-of-bounds Write vulnerability in multiple products A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. | 7.2 |
| 2019-07-11 | CVE-2019-10192 | Out-of-bounds Write vulnerability in multiple products A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. | 7.2 |
| 2018-10-19 | CVE-2018-18438 | Integer Overflow or Wraparound vulnerability in multiple products Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | 5.5 |
| 2018-07-27 | CVE-2016-9603 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. | 9.9 |
| 2018-07-27 | CVE-2017-2620 | Out-of-bounds Write vulnerability in multiple products Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. | 9.9 |
| 2018-07-27 | CVE-2017-2621 | An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. | 5.5 |
| 2018-07-26 | CVE-2017-7543 | A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. | 5.9 |
| 2018-07-26 | CVE-2017-7539 | An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. | 7.5 |
| 2018-07-26 | CVE-2017-2637 | Unspecified vulnerability in Redhat Openstack A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. | 10.0 |