High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-14	CVE-2018-14638	Double Free vulnerability in multiple products A flaw was found in 389-ds-base before version 1.3.8.4-13. network low complexity fedoraproject redhat CWE-415	7.5
2018-09-11	CVE-2018-1127	Session Fixation vulnerability in Redhat Gluster Storage Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. network high complexity redhat CWE-384	8.1
2018-09-11	CVE-2016-7066	Permission Issues vulnerability in Redhat Jboss Enterprise Application Platform It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. local low complexity redhat CWE-275	7.8
2018-09-11	CVE-2016-7070	Permissions, Privileges, and Access Controls vulnerability in Redhat Ansible Tower A privilege escalation flaw was found in the Ansible Tower. low complexity redhat CWE-264	8.0
2018-09-10	CVE-2018-16802	An issue was discovered in Artifex Ghostscript before 9.25. local low complexity artifex debian canonical redhat	7.8
2018-09-10	CVE-2016-7035	Improper Authorization vulnerability in multiple products An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. local low complexity clusterlabs redhat CWE-285	7.8
2018-09-10	CVE-2016-7071	Improper Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. network low complexity redhat CWE-285	8.8
2018-09-10	CVE-2016-7075	It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. network high complexity kubernetes redhat	8.1
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-09-06	CVE-2018-14632	Out-of-bounds Write vulnerability in multiple products An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. network low complexity redhat starcounter-jack CWE-787	7.7