Vulnerabilities > Redhat > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-10870 Improper Input Validation vulnerability in Redhat Certification
redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile.
network
low complexity
redhat CWE-20
critical
 9.8
9.8
2018-07-19 CVE-2017-7481 Improper Input Validation vulnerability in multiple products
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe.
network
low complexity
redhat canonical debian CWE-20
critical
 9.8
9.8
2018-07-17 CVE-2018-14362 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-119
critical
 9.8
9.8
2018-07-17 CVE-2018-14357 OS Command Injection vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-78
critical
 9.8
9.8
2018-07-17 CVE-2018-14354 OS Command Injection vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-78
critical
 9.8
9.8
2018-07-09 CVE-2018-5002 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability.
network
low complexity
adobe redhat CWE-787
critical
 9.8
9.8
2018-07-05 CVE-2018-12910 Out-of-bounds Read vulnerability in multiple products
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
network
low complexity
gnome canonical debian redhat opensuse CWE-125
critical
 9.8
9.8
2018-07-03 CVE-2017-2615 Out-of-bounds Write vulnerability in multiple products
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen CWE-787
critical
 9.1
9.1
2018-06-27 CVE-2017-7465 XXE vulnerability in Redhat Jboss Enterprise Application Platform 7.0.0
It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection.
network
low complexity
redhat CWE-611
critical
 9.8
9.8
2018-06-26 CVE-2018-1072 Information Exposure Through Log Files vulnerability in multiple products
ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files.
network
low complexity
ovirt redhat CWE-532
critical
 9.8
9.8