Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2018-07-31 CVE-2016-8628 Command Injection vulnerability in Redhat Ansible
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller.
network
low complexity
redhat CWE-77
critical
9.1
2018-07-31 CVE-2016-8657 Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform 5.0.0/6.0.0/6.4.0
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files.
local
low complexity
redhat CWE-264
7.8
2018-07-31 CVE-2016-8626 Improper Input Validation vulnerability in Redhat products
A flaw was found in Red Hat Ceph before 0.94.9-8.
network
low complexity
redhat CWE-20
6.5
2018-07-31 CVE-2018-14432 Information Exposure vulnerability in multiple products
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects.
network
high complexity
debian redhat openstack CWE-200
5.3
2018-07-30 CVE-2018-10898 Use of Hard-coded Credentials vulnerability in multiple products
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40.
low complexity
redhat openstack CWE-798
8.8
2018-07-30 CVE-2018-10903 Improper Input Validation vulnerability in multiple products
A flaw was found in python-cryptography versions >=1.9.0 and <2.3.
network
low complexity
cryptography canonical redhat CWE-20
7.5
2018-07-30 CVE-2018-10883 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
debian linux canonical redhat
5.5
2018-07-30 CVE-2017-7518 Improper Handling of Exceptional Conditions vulnerability in multiple products
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag (TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception (#DB) being raised in the guest stack.
local
low complexity
redhat debian canonical linux CWE-755
7.8
2018-07-30 CVE-2017-7514 Unspecified vulnerability in Redhat Satellite
A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0.
network
low complexity
redhat
5.4
2018-07-30 CVE-2017-7482 Integer Overflow or Wraparound vulnerability in multiple products
In the Linux kernel before version 4.12, the decoding of Kerberos 5 tickets when using RXRPC keys incorrectly assumes the size of a field.
local
low complexity
linux debian redhat CWE-190
7.8