Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-04 | CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. | 8.8 |
| 2018-09-04 | CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. | 8.8 |
| 2018-09-04 | CVE-2018-14627 | Cleartext Transmission of Sensitive Information vulnerability in Redhat Wildfly The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. | 5.9 |
| 2018-09-04 | CVE-2018-16435 | Integer Overflow or Wraparound vulnerability in multiple products Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. | 5.5 |
| 2018-09-03 | CVE-2018-16402 | Double Free vulnerability in multiple products libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | 9.8 |
| 2018-08-30 | CVE-2018-14622 | Unchecked Return Value vulnerability in multiple products A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. | 7.5 |
| 2018-08-30 | CVE-2018-10936 | Improper Validation of Certificate with Host Mismatch vulnerability in multiple products A weakness was found in postgresql-jdbc before version 42.2.5. | 8.1 |
| 2018-08-29 | CVE-2018-15727 | Improper Authentication vulnerability in multiple products Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. | 9.8 |
| 2018-08-29 | CVE-2018-12828 | Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. | 9.8 |
| 2018-08-29 | CVE-2018-12827 | Out-of-bounds Read vulnerability in multiple products Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. | 7.5 |