Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-31 | CVE-2018-14432 | Information Exposure vulnerability in multiple products In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. | 5.3 |
| 2018-07-30 | CVE-2018-10883 | A flaw was found in the Linux kernel's ext4 filesystem. | 5.5 |
| 2018-07-30 | CVE-2017-7514 | Unspecified vulnerability in Redhat Satellite A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0. | 5.4 |
| 2018-07-28 | CVE-2018-14680 | Improper Input Validation vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. | 6.5 |
| 2018-07-28 | CVE-2018-14679 | Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. | 6.5 |
| 2018-07-27 | CVE-2017-15097 | Unspecified vulnerability in Redhat products Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. | 6.7 |
| 2018-07-27 | CVE-2017-2633 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. | 6.5 |
| 2018-07-27 | CVE-2017-2632 | Incorrect Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. | 4.9 |
| 2018-07-27 | CVE-2017-2626 | It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. | 5.5 |
| 2018-07-27 | CVE-2017-2618 | A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. | 5.5 |