Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-11 | CVE-2018-1127 | Session Fixation vulnerability in Redhat Gluster Storage Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. | 8.1 |
| 2018-09-11 | CVE-2018-1114 | Resource Exhaustion vulnerability in Redhat Undertow, Virtualization and Virtualization Host It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. | 6.5 |
| 2018-09-11 | CVE-2018-10935 | Improper Input Validation vulnerability in Redhat 389 Directory Server A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | 6.5 |
| 2018-09-11 | CVE-2016-7066 | Permission Issues vulnerability in Redhat Jboss Enterprise Application Platform It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. | 7.8 |
| 2018-09-11 | CVE-2016-7070 | Permissions, Privileges, and Access Controls vulnerability in Redhat Ansible Tower A privilege escalation flaw was found in the Ansible Tower. | 8.0 |
| 2018-09-11 | CVE-2016-7047 | Information Exposure vulnerability in Redhat Cloudforms and Cloudforms Management Engine A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. | 4.3 |
| 2018-09-10 | CVE-2018-14635 | Improper Input Validation vulnerability in multiple products When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. | 6.5 |
| 2018-09-10 | CVE-2018-14620 | Improper Input Validation vulnerability in Redhat Openstack 12/13 The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. | 9.8 |
| 2018-09-10 | CVE-2018-16802 | An issue was discovered in Artifex Ghostscript before 9.25. | 7.8 |
| 2018-09-10 | CVE-2016-7061 | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. | 6.5 |