Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-08 | CVE-2016-3099 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat products mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled. | 7.5 |
| 2017-06-08 | CVE-2016-4471 | Permissions, Privileges, and Access Controls vulnerability in Redhat Cloudforms ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. | 8.8 |
| 2017-06-08 | CVE-2016-4457 | Cryptographic Issues vulnerability in Redhat Cloudforms Management Engine 5.7 CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate. | 7.5 |
| 2017-06-08 | CVE-2016-3690 | Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload. | 9.8 |
| 2017-06-08 | CVE-2014-3498 | Improper Input Validation vulnerability in Redhat Ansible The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. | 8.8 |
| 2017-06-07 | CVE-2015-6240 | Link Following vulnerability in Redhat Ansible The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. | 7.8 |
| 2017-06-06 | CVE-2017-9462 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | 8.8 |
| 2017-06-06 | CVE-2017-9461 | Infinite Loop vulnerability in multiple products smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks. | 6.5 |
| 2017-06-06 | CVE-2016-3077 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redhat Ovirt-Engine The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs. | 6.5 |
| 2017-05-29 | CVE-2017-9287 | Double Free vulnerability in multiple products servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. | 6.5 |