Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2016-9603 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. | 9.9 |
| 2018-07-27 | CVE-2016-9578 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. | 7.5 |
| 2018-07-27 | CVE-2017-2663 | Unspecified vulnerability in Redhat Subscription-Manager It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. | 7.8 |
| 2018-07-27 | CVE-2017-15101 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. | 9.8 |
| 2018-07-27 | CVE-2017-15097 | Unspecified vulnerability in Redhat products Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. | 6.7 |
| 2018-07-27 | CVE-2016-9577 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. | 8.8 |
| 2018-07-27 | CVE-2017-2634 | It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. | 7.5 |
| 2018-07-27 | CVE-2017-2633 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. | 6.5 |
| 2018-07-27 | CVE-2017-2632 | Incorrect Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. | 4.9 |
| 2018-07-27 | CVE-2017-2626 | It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. | 5.5 |