High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-28	CVE-2019-3869	Information Exposure vulnerability in Redhat Ansible Tower When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. network low complexity redhat CWE-200	7.2
2019-03-27	CVE-2019-5419	Allocation of Resources Without Limits or Throttling vulnerability in multiple products There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. network low complexity rubyonrails debian redhat opensuse fedoraproject CWE-770	7.5
2019-03-27	CVE-2019-5418	There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. network low complexity rubyonrails debian redhat opensuse fedoraproject	7.5
2019-03-26	CVE-2019-3878	Improper Authentication vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. network high complexity mod-auth-mellon-project fedoraproject redhat canonical CWE-287	8.1
2019-03-26	CVE-2019-3830	Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in ceilometer before version 12.0.0.0rc1. local low complexity openstack redhat CWE-532	7.8
2019-03-26	CVE-2019-3804	Missing Initialization of Resource vulnerability in multiple products It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. network low complexity cockpit-project fedoraproject redhat CWE-909	7.5
2019-03-26	CVE-2018-16856	Information Exposure Through Log Files vulnerability in multiple products In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. network low complexity openstack redhat CWE-532	7.5
2019-03-25	CVE-2019-0204	A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. local low complexity apache redhat	7.8
2019-03-25	CVE-2019-3879	Missing Authorization vulnerability in multiple products It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal command, meaning the permission validation that should be performed against the calling user is skipped. network low complexity ovirt redhat CWE-862	8.1
2019-03-25	CVE-2019-3857	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8