Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-12 | CVE-2018-10998 | An issue was discovered in Exiv2 0.26. | 6.5 |
| 2018-05-11 | CVE-2018-1258 | Incorrect Authorization vulnerability in multiple products Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. | 8.8 |
| 2018-05-11 | CVE-2018-1257 | Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. | 6.5 |
| 2018-05-11 | CVE-2016-8627 | Resource Exhaustion vulnerability in Redhat Jboss Enterprise Application Platform and Keycloak admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. | 6.5 |
| 2018-05-10 | CVE-2018-1118 | Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. | 5.5 |
| 2018-05-10 | CVE-2017-18267 | Infinite Loop vulnerability in multiple products The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. | 5.5 |
| 2018-05-10 | CVE-2018-1130 | NULL Pointer Dereference vulnerability in multiple products Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls. | 5.5 |
| 2018-05-09 | CVE-2018-1089 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. | 7.5 |
| 2018-05-09 | CVE-2018-10683 | Improper Authentication vulnerability in Redhat Wildfly 10.1.2 An issue was discovered in WildFly 10.1.2.Final. | 9.8 |
| 2018-05-09 | CVE-2018-10184 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in HAProxy before 1.8.8. | 7.5 |