Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-01 | CVE-2017-15134 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. | 7.5 |
| 2018-03-01 | CVE-2018-7550 | Out-of-bounds Write vulnerability in multiple products The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | 8.8 |
| 2018-02-28 | CVE-2017-12191 | Unspecified vulnerability in Redhat Cloudforms 4.5 A flaw was found in the CloudForms account configuration when using VMware. | 7.4 |
| 2018-02-27 | CVE-2018-7549 | Improper Input Validation vulnerability in multiple products In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p. | 7.5 |
| 2018-02-23 | CVE-2018-6764 | Origin Validation Error vulnerability in multiple products util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. | 7.8 |
| 2018-02-19 | CVE-2017-18191 | An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. | 7.5 |
| 2018-02-18 | CVE-2018-7208 | Improper Input Validation vulnerability in multiple products In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. | 7.8 |
| 2018-02-15 | CVE-2018-1041 | Infinite Loop vulnerability in multiple products A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. | 7.5 |
| 2018-02-12 | CVE-2018-6927 | Integer Overflow or Wraparound vulnerability in multiple products The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. | 7.8 |
| 2018-02-09 | CVE-2018-1000026 | Improper Input Validation vulnerability in multiple products Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. | 7.7 |