High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-26	CVE-2017-7537	It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. network low complexity redhat dogtagpki	7.5
2018-07-26	CVE-2017-7530	Unspecified vulnerability in Redhat Cloudforms and Cloudforms Management Engine In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. network low complexity redhat	8.8
2018-07-24	CVE-2018-10906	Improper Privilege Management vulnerability in multiple products In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. local low complexity debian fuse-project redhat CWE-269	7.8
2018-07-24	CVE-2017-3224	Insufficient Verification of Data Authenticity vulnerability in multiple products Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. high complexity quagga suse redhat CWE-345	8.2
2018-07-24	CVE-2018-10905	OS Command Injection vulnerability in Redhat Cloudforms and Cloudforms Management Engine CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. local low complexity redhat CWE-78	7.8
2018-07-20	CVE-2018-5008	Out-of-bounds Read vulnerability in multiple products Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. network low complexity adobe redhat CWE-125	7.5
2018-07-20	CVE-2018-5007	Incorrect Type Conversion or Cast vulnerability in multiple products Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. network low complexity adobe redhat CWE-704	8.8
2018-07-19	CVE-2018-10869	Unspecified vulnerability in Redhat Certification and Enterprise Linux redhat-certification does not properly restrict files that can be download through the /download page. network low complexity redhat	7.5
2018-07-19	CVE-2017-2673	Unspecified vulnerability in Redhat Openstack 10/9 An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). network low complexity redhat	7.2
2018-07-13	CVE-2018-10875	Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. local low complexity redhat debian suse canonical CWE-426	7.8