Vulnerabilities > Redhat > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-05 | CVE-2017-1000111 | Out-of-bounds Write vulnerability in multiple products. Linux kernel: heap out-of-bounds in AF_PACKET sockets. | 7.8 |
2017-10-04 | CVE-2017-12149 | Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform. In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict the classes for which it performs deserialization, allowing an attacker to execute arbitrary code via crafted serialized data. | 7.5 |
2017-10-03 | CVE-2017-14496 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products. Integer underflow in the add_pseudoheader function in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. | 7.5 |
2017-10-03 | CVE-2017-14495 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products. Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. | 7.5 |
2017-10-03 | CVE-2017-13704 | Improper Input Validation vulnerability in multiple products. In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. | 7.5 |
2017-09-29 | CVE-2017-7552 | Unspecified vulnerability in Redhat Mobile Application Platform 4.4/4.4.3. A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. | 7.5 |
2017-09-25 | CVE-2015-5184 | Unspecified vulnerability in Redhat AMQ and Jboss Enterprise web Server. Console: CORS headers set to allow all in Red Hat AMQ. | 7.5 |
2017-09-25 | CVE-2015-5183 | Unspecified vulnerability in Redhat Amq, Jboss A-Mq and Jboss Enterprise web Server. Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. | 7.5 |
2017-09-25 | CVE-2015-5182 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat AMQ. Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ. | 8.8 |
2017-09-19 | CVE-2014-8174 | Information Exposure vulnerability in Redhat Edeploy. eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files. | 7.5 |