Vulnerabilities > Redhat

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-26	CVE-2019-3878	Improper Authentication vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. network high complexity mod-auth-mellon-project fedoraproject redhat canonical CWE-287	8.1
2019-03-26	CVE-2019-3830	Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in ceilometer before version 12.0.0.0rc1. local low complexity openstack redhat CWE-532	2.1
2019-03-26	CVE-2019-3826	Cross-site Scripting vulnerability in multiple products A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. network low complexity prometheus redhat CWE-79	6.1
2019-03-26	CVE-2019-3804	Missing Initialization of Resource vulnerability in multiple products It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. network low complexity cockpit-project fedoraproject redhat CWE-909	7.5
2019-03-26	CVE-2018-16856	Information Exposure Through Log Files vulnerability in multiple products In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. network low complexity openstack redhat CWE-532	5.0
2019-03-25	CVE-2019-0204	A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. local low complexity apache redhat	7.8
2019-03-25	CVE-2019-7609	Code Injection vulnerability in multiple products Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. network low complexity elastic redhat CWE-94 critical	10.0
2019-03-25	CVE-2019-3879	Missing Authorization vulnerability in multiple products It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal command, meaning the permission validation that should be performed against the calling user is skipped. network low complexity ovirt redhat CWE-862	5.5
2019-03-25	CVE-2019-3874	Resource Exhaustion vulnerability in multiple products The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. low complexity linux debian redhat canonical netapp CWE-400	6.5
2019-03-25	CVE-2019-3857	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8

Vulnerabilities > Redhat {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Redhat"}]}

Vulnerabilities > Redhat