Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-11 | CVE-2016-7047 | Information Exposure vulnerability in Redhat Cloudforms and Cloudforms Management Engine A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. | 4.3 |
| 2018-09-10 | CVE-2018-14635 | Improper Input Validation vulnerability in multiple products When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. | 6.5 |
| 2018-09-10 | CVE-2016-7061 | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. | 6.5 |
| 2018-09-10 | CVE-2016-7056 | A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. | 5.5 |
| 2018-09-10 | CVE-2016-7041 | Unspecified vulnerability in Redhat Jboss Brms and Jboss Drools Drools Workbench contains a path traversal vulnerability. | 6.5 |
| 2018-09-05 | CVE-2018-16542 | Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16541 | Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
| 2018-09-05 | CVE-2016-1000232 | Improper Input Validation vulnerability in multiple products NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. | 5.3 |
| 2018-09-04 | CVE-2018-10930 | A flaw was found in RPC request using gfs3_rename_req in glusterfs server. | 6.5 |