Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2018-03-06 CVE-2018-5729 NULL Pointer Dereference vulnerability in multiple products
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
network
low complexity
mit fedoraproject debian redhat CWE-476
4.7
2018-03-06 CVE-2018-7727 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in ZZIPlib 0.13.68.
network
low complexity
zziplib-project redhat CWE-772
6.5
2018-03-06 CVE-2018-7726 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in ZZIPlib 0.13.68.
network
low complexity
zziplib-project canonical redhat CWE-119
6.5
2018-03-06 CVE-2018-7725 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in ZZIPlib 0.13.68.
network
low complexity
zziplib-project canonical redhat CWE-119
6.5
2018-03-06 CVE-2018-1062 Improper Cross-boundary Removal of Sensitive Data vulnerability in Redhat Ovirt-Engine
A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM.
network
high complexity
redhat CWE-212
5.3
2018-03-05 CVE-2018-1000115 Resource Exhaustion vulnerability in multiple products
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources).
network
low complexity
memcached canonical debian redhat CWE-400
7.5
2018-03-02 CVE-2018-7643 Integer Overflow or Wraparound vulnerability in multiple products
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.
local
low complexity
gnu redhat CWE-190
7.8
2018-03-02 CVE-2018-7642 NULL Pointer Dereference vulnerability in multiple products
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.
local
low complexity
gnu redhat CWE-476
5.5
2018-03-02 CVE-2018-1063 Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions.
local
low complexity
redhat selinux-project
4.4
2018-03-02 CVE-2018-1058 A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users.
network
low complexity
postgresql canonical redhat
8.8