Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-18 | CVE-2018-14642 | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform and Undertow An information leak vulnerability was found in Undertow. | 5.3 |
| 2018-09-17 | CVE-2018-11781 | Code Injection vulnerability in multiple products Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. | 7.8 |
| 2018-09-17 | CVE-2017-15705 | Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. | 5.3 |
| 2018-09-14 | CVE-2018-14638 | Double Free vulnerability in multiple products A flaw was found in 389-ds-base before version 1.3.8.4-13. | 7.5 |
| 2018-09-11 | CVE-2018-10937 | Cross-site Scripting vulnerability in Redhat Openshift Container Platform 3.11 A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. | 5.4 |
| 2018-09-11 | CVE-2018-1127 | Session Fixation vulnerability in Redhat Gluster Storage Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. | 8.1 |
| 2018-09-11 | CVE-2018-1114 | Resource Exhaustion vulnerability in Redhat Undertow, Virtualization and Virtualization Host It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. | 6.5 |
| 2018-09-11 | CVE-2018-10935 | Improper Input Validation vulnerability in Redhat 389 Directory Server A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | 6.5 |
| 2018-09-11 | CVE-2016-7066 | Permission Issues vulnerability in Redhat Jboss Enterprise Application Platform It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. | 7.8 |
| 2018-09-11 | CVE-2016-7070 | Permissions, Privileges, and Access Controls vulnerability in Redhat Ansible Tower A privilege escalation flaw was found in the Ansible Tower. | 8.0 |