Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-13 | CVE-2018-14657 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. | 8.1 |
| 2018-11-13 | CVE-2018-14655 | Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. | 5.4 |
| 2018-11-13 | CVE-2018-16850 | SQL Injection vulnerability in multiple products postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... | 9.8 |
| 2018-11-12 | CVE-2018-19215 | Out-of-bounds Read vulnerability in multiple products Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. | 7.8 |
| 2018-11-12 | CVE-2018-19214 | Out-of-bounds Read vulnerability in multiple products Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. | 7.8 |
| 2018-11-12 | CVE-2018-19208 | NULL Pointer Dereference vulnerability in multiple products In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. | 6.5 |
| 2018-11-09 | CVE-2018-19139 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue has been found in JasPer 2.0.14. | 5.5 |
| 2018-11-08 | CVE-2018-19115 | Out-of-bounds Write vulnerability in multiple products keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap. | 9.8 |
| 2018-11-08 | CVE-2018-19108 | Infinite Loop vulnerability in multiple products In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. | 6.5 |
| 2018-11-08 | CVE-2018-19107 | Integer Overflow or Wraparound vulnerability in multiple products In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file. | 6.5 |