Vulnerabilities > Redhat > Openstack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-30 | CVE-2018-10903 | Improper Input Validation vulnerability in multiple products A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. | 7.5 |
2018-07-26 | CVE-2017-7539 | An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. | 7.5 |
2018-07-19 | CVE-2017-2673 | Unspecified vulnerability in Redhat Openstack 10/9 An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). | 7.2 |
2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 7.8 |
2018-07-02 | CVE-2018-10874 | Unspecified vulnerability in Redhat products In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. | 7.8 |
2018-06-22 | CVE-2017-7466 | Improper Input Validation vulnerability in Redhat Ansible Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. | 8.0 |
2018-06-13 | CVE-2018-11806 | Out-of-bounds Write vulnerability in multiple products m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | 8.2 |
2018-04-24 | CVE-2016-9587 | Improper Input Validation vulnerability in multiple products Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. | 8.1 |
2018-04-24 | CVE-2016-9599 | Improper Access Control vulnerability in multiple products puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. | 7.5 |
2018-04-19 | CVE-2018-2755 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). | 7.7 |