| 2018-09-11 | CVE-2016-7047 | Information Exposure vulnerability in Redhat Cloudforms and Cloudforms Management Engine
A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. | 4.3 |
| 2018-09-10 | CVE-2018-14635 | Improper Input Validation vulnerability in multiple products
When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. | 6.5 |
| 2018-09-10 | CVE-2018-14620 | Improper Input Validation vulnerability in Redhat Openstack 12/13
The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. | 9.8 |
| 2018-09-10 | CVE-2018-16802 | An issue was discovered in Artifex Ghostscript before 9.25. | 7.8 |
| 2018-09-10 | CVE-2016-7061 | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. | 6.5 |
| 2018-09-10 | CVE-2016-7056 | A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. | 5.5 |
| 2018-09-10 | CVE-2016-7041 | Unspecified vulnerability in Redhat Jboss Brms and Jboss Drools
Drools Workbench contains a path traversal vulnerability. | 6.5 |
| 2018-09-10 | CVE-2016-7035 | Improper Authorization vulnerability in multiple products
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. | 7.8 |
| 2018-09-10 | CVE-2016-7071 | Improper Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. | 8.8 |
| 2018-09-10 | CVE-2016-7075 | It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. | 8.1 |