Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-27 | CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | 7.8 |
| 2018-08-27 | CVE-2017-15139 | Information Exposure vulnerability in multiple products A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. | 7.5 |
| 2018-08-26 | CVE-2011-2767 | Code Injection vulnerability in multiple products mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes. | 9.8 |
| 2018-08-24 | CVE-2018-14599 | Off-by-one Error vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. | 9.8 |
| 2018-08-22 | CVE-2017-2635 | NULL Pointer Dereference vulnerability in Redhat Libvirt 2.5.0/3.0.0 A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. | 6.5 |
| 2018-08-22 | CVE-2018-10858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. | 8.8 |
| 2018-08-22 | CVE-2017-2627 | Path Traversal vulnerability in multiple products A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. | 8.2 |
| 2018-08-22 | CVE-2017-7528 | CRLF Injection vulnerability in Redhat Ansible Tower and Cloudforms Management Engine Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. | 6.5 |
| 2018-08-22 | CVE-2017-7513 | Improper Certificate Validation vulnerability in Redhat Satellite It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. | 5.4 |
| 2018-08-22 | CVE-2018-1139 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. | 8.1 |