Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-14 | CVE-2015-7553 | Race Condition vulnerability in Redhat Enterprise Linux, Enterprise MRG and Kernel-Rt Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets. | 4.7 |
| 2017-09-14 | CVE-2017-1002151 | Missing Authorization vulnerability in Redhat Pagure Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization | 7.5 |
| 2017-09-14 | CVE-2017-12987 | Out-of-bounds Read vulnerability in multiple products The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). | 9.8 |
| 2017-09-14 | CVE-2017-12902 | Out-of-bounds Read vulnerability in multiple products The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. | 9.8 |
| 2017-09-14 | CVE-2017-12899 | Out-of-bounds Read vulnerability in multiple products The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). | 9.8 |
| 2017-09-14 | CVE-2017-12896 | Out-of-bounds Read vulnerability in multiple products The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). | 9.8 |
| 2017-09-13 | CVE-2017-7561 | HTTP Request Smuggling vulnerability in Redhat Jboss Enterprise Application Platform Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact. | 7.5 |
| 2017-09-13 | CVE-2017-7560 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Rhnsd It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes. | 5.5 |
| 2017-09-12 | CVE-2017-1000251 | Out-of-bounds Write vulnerability in multiple products The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. | 8.0 |
| 2017-09-06 | CVE-2015-3163 | Improper Access Control vulnerability in Redhat Beaker The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAKER/powertypes and $BEAKER/keytypes respectively. | 4.3 |