Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-31 | CVE-2016-2125 | Improper Input Validation vulnerability in multiple products It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. | 6.5 |
| 2018-10-31 | CVE-2018-14659 | Resource Exhaustion vulnerability in multiple products The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. | 6.5 |
| 2018-10-31 | CVE-2018-14654 | Path Traversal vulnerability in multiple products The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. | 6.5 |
| 2018-10-31 | CVE-2018-14652 | Classic Buffer Overflow vulnerability in multiple products The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. | 6.5 |
| 2018-10-31 | CVE-2016-6343 | Cross-site Scripting vulnerability in Redhat Jboss BPM Suite JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. | 5.4 |
| 2018-10-31 | CVE-2016-2121 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack 10 A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. | 5.5 |
| 2018-10-25 | CVE-2018-14665 | Incorrect Authorization vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.3. | 6.6 |
| 2018-10-23 | CVE-2018-18585 | NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | 4.3 |
| 2018-10-23 | CVE-2018-18584 | Out-of-bounds Write vulnerability in multiple products In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. network low complexity libmspack-project cabextract-project debian redhat canonical suse starwindsoftware CWE-787 | 6.5 |
| 2018-10-19 | CVE-2018-18438 | Integer Overflow or Wraparound vulnerability in multiple products Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | 5.5 |