Vulnerabilities > Redhat

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-28	CVE-2018-16889	Information Exposure Through Log Files vulnerability in Redhat Ceph Ceph does not properly sanitize encryption keys in debug logging for v4 auth. network low complexity redhat CWE-532	7.5
2019-01-25	CVE-2018-16881	Integer Overflow or Wraparound vulnerability in multiple products A denial of service vulnerability was found in rsyslog in the imptcp module. network low complexity rsyslog redhat debian CWE-190	7.5
2019-01-22	CVE-2018-14666	Incorrect Authorization vulnerability in Redhat Satellite An improper authorization flaw was found in the Smart Class feature of Foreman. network low complexity redhat CWE-863	6.5
2019-01-22	CVE-2019-1003004	An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time. network low complexity jenkins redhat	7.2
2019-01-22	CVE-2019-1003003	An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. network low complexity jenkins redhat	7.2
2019-01-22	CVE-2019-1003002	A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. network low complexity jenkins redhat	8.8
2019-01-22	CVE-2019-1003001	A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. network low complexity jenkins redhat	8.8
2019-01-22	CVE-2019-1003000	A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM. network low complexity jenkins redhat	8.8
2019-01-18	CVE-2018-15982	Use After Free vulnerability in Adobe Flash Player Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. network low complexity adobe apple linux microsoft google redhat CWE-416 critical	10.0
2019-01-16	CVE-2018-5740	Reachable Assertion vulnerability in multiple products "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. network low complexity isc redhat debian netapp canonical hp opensuse CWE-617	5.0

Vulnerabilities > Redhat {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Redhat"}]}

Vulnerabilities > Redhat