Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2018-06-13 CVE-2018-11806 Out-of-bounds Write vulnerability in multiple products
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
local
low complexity
qemu canonical redhat debian CWE-787
8.2
8.2
2018-06-12 CVE-2018-5848 Integer Overflow or Wraparound vulnerability in multiple products
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly.
local
low complexity
google redhat debian CWE-190
7.8
7.8
2018-06-12 CVE-2018-5803 Improper Input Validation vulnerability in multiple products
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
local
low complexity
linux debian redhat CWE-20
5.5
5.5
2018-06-12 CVE-2018-1103 Improper Input Validation vulnerability in Redhat Source-To-Image
Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input.
network
low complexity
redhat CWE-20
6.5
6.5
2018-06-12 CVE-2018-1070 Improper Input Validation vulnerability in Redhat Openshift Container Platform
routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down.
network
low complexity
redhat CWE-20
7.5
7.5
2018-06-11 CVE-2018-5185 Missing Encryption of Sensitive Data vulnerability in multiple products
Plaintext of decrypted emails can leak through by user submitting an embedded form.
network
low complexity
redhat debian canonical mozilla CWE-311
6.5
6.5
2018-06-11 CVE-2018-5184 Inadequate Encryption Strength vulnerability in multiple products
Using remote content in encrypted messages can lead to the disclosure of plaintext.
network
low complexity
debian mozilla canonical redhat CWE-326
7.5
7.5
2018-06-11 CVE-2018-5183 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers backported selected changes in the Skia library.
network
low complexity
redhat debian canonical mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-5178 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data.
network
high complexity
debian mozilla canonical redhat CWE-119
8.1
8.1
2018-06-11 CVE-2018-5170 Improper Input Validation vulnerability in multiple products
It is possible to spoof the filename of an attachment and display an arbitrary attachment name.
network
low complexity
redhat mozilla debian canonical CWE-20
4.3
4.3