Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2018-11-09 CVE-2018-19139 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue has been found in JasPer 2.0.14.
local
low complexity
jasper-project redhat debian CWE-772
5.5
5.5
2018-11-08 CVE-2018-19115 Out-of-bounds Write vulnerability in multiple products
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
network
low complexity
keepalived debian redhat CWE-787
critical
 9.8
9.8
2018-11-08 CVE-2018-19108 Infinite Loop vulnerability in multiple products
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
network
low complexity
exiv2 debian redhat canonical CWE-835
6.5
6.5
2018-11-08 CVE-2018-19107 Integer Overflow or Wraparound vulnerability in multiple products
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
network
low complexity
exiv2 debian redhat canonical CWE-190
6.5
6.5
2018-11-07 CVE-2018-19058 Always-Incorrect Control Flow Implementation vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
network
low complexity
freedesktop canonical debian redhat CWE-670
6.5
6.5
2018-11-06 CVE-2018-14667 Code Injection vulnerability in Redhat Enterprise Linux and Richfaces
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource.
network
low complexity
redhat CWE-94
critical
 9.8
9.8
2018-11-02 CVE-2018-16849 Information Exposure vulnerability in Redhat Openstack-Mistral 7.0.0
A flaw was found in openstack-mistral.
network
low complexity
redhat CWE-200
7.5
7.5
2018-11-02 CVE-2018-18897 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
network
low complexity
freedesktop debian canonical redhat CWE-772
6.5
6.5
2018-11-01 CVE-2018-14660 A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr.
network
low complexity
gluster redhat debian
6.5
6.5
2018-10-31 CVE-2018-14651 It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete.
network
low complexity
debian redhat gluster
8.8
8.8