Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
| 2018-09-05 | CVE-2016-1000232 | Improper Input Validation vulnerability in multiple products NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. | 5.3 |
| 2018-09-04 | CVE-2018-10930 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_rename_req in glusterfs server. | 6.5 |
| 2018-09-04 | CVE-2018-10914 | NULL Pointer Dereference vulnerability in multiple products It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. | 6.5 |
| 2018-09-04 | CVE-2018-10913 | Information Exposure Through an Error Message vulnerability in multiple products An information disclosure vulnerability was discovered in glusterfs server. | 6.5 |
| 2018-09-04 | CVE-2018-14627 | Cleartext Transmission of Sensitive Information vulnerability in Redhat Wildfly The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. | 5.9 |
| 2018-09-04 | CVE-2018-16435 | Integer Overflow or Wraparound vulnerability in multiple products Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. | 5.5 |
| 2018-08-29 | CVE-2018-12824 | Out-of-bounds Read vulnerability in multiple products Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. | 5.9 |
| 2018-08-29 | CVE-2018-16062 | Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 5.5 |
| 2018-08-28 | CVE-2017-15429 | Cross-site Scripting vulnerability in multiple products Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | 6.1 |