Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-03 | CVE-2017-13704 | Improper Input Validation vulnerability in multiple products In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. | 7.5 |
| 2017-09-29 | CVE-2017-7554 | Cross-site Scripting vulnerability in Redhat Mobile Application Platform 4.4 It was found that the App Studio component of RHMAP 4.4 executes javascript provided by a user. | 6.1 |
| 2017-09-29 | CVE-2017-7553 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Mobile Application Platform 4.0/4.4/4.4.3 The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). | 6.3 |
| 2017-09-29 | CVE-2017-7552 | Unspecified vulnerability in Redhat Mobile Application Platform 4.0/4.4/4.4.3 A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. | 9.8 |
| 2017-09-26 | CVE-2015-0238 | Information Exposure vulnerability in Redhat Openshift 2.0 selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing information via a privilege escalation attack. | 3.3 |
| 2017-09-25 | CVE-2015-7544 | Injection vulnerability in Redhat Enterprise Virtualization Manager 3.4/3.4.1/3.5.0 redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment. | 9.1 |
| 2017-09-25 | CVE-2015-5184 | Unspecified vulnerability in Redhat AMQ and Jboss Enterprise web Server Console: CORS headers set to allow all in Red Hat AMQ. | 7.5 |
| 2017-09-25 | CVE-2015-5183 | Unspecified vulnerability in Redhat Amq, Jboss A-Mq and Jboss Enterprise web Server Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. | 7.5 |
| 2017-09-25 | CVE-2015-5182 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat AMQ Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ. | 8.8 |
| 2017-09-25 | CVE-2015-5181 | Cross-site Scripting vulnerability in Redhat Jboss A-Mq The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript. | 5.4 |