Vulnerabilities > Redhat

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-27	CVE-2017-2632	Incorrect Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. network low complexity redhat CWE-863	4.9
2018-07-27	CVE-2017-2626	It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. local low complexity freedesktop redhat	5.5
2018-07-27	CVE-2017-2620	Out-of-bounds Write vulnerability in multiple products Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. network low complexity qemu redhat citrix debian xen CWE-787 critical	9.9
2018-07-27	CVE-2017-2618	A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. local low complexity linux redhat debian	5.5
2018-07-27	CVE-2017-2616	Race Condition vulnerability in multiple products A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. local high complexity util-linux-project redhat debian CWE-362	4.7
2018-07-27	CVE-2018-10882	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity linux debian canonical redhat	5.5
2018-07-27	CVE-2017-7463	Cross-site Scripting vulnerability in Redhat Jboss BPM Suite JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a reflected XSS via artifact upload. network low complexity redhat CWE-79	6.1
2018-07-27	CVE-2017-2674	Cross-site Scripting vulnerability in Redhat Jboss BPM Suite JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored XSS via several lists in Business Central. network low complexity redhat CWE-79	5.4
2018-07-27	CVE-2017-2658	Unspecified vulnerability in Redhat products It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. network low complexity redhat	6.5
2018-07-27	CVE-2017-2653	Improper Input Validation vulnerability in Redhat Cloudforms and Cloudforms Management Engine A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests. network low complexity redhat CWE-20	6.5

Vulnerabilities > Redhat {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Redhat"}]}

Vulnerabilities > Redhat