Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2019-11135 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | 6.5 |
| 2019-11-13 | CVE-2014-8167 | Improper Certificate Validation vulnerability in Redhat products vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack | 5.9 |
| 2019-11-13 | CVE-2014-3655 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Jboss Enterprise web Server and Keycloak JBoss KeyCloak is vulnerable to soft token deletion via CSRF | 4.3 |
| 2019-11-13 | CVE-2014-3592 | Cross-site Scripting vulnerability in Redhat Openshift Origin OpenShift Origin: Improperly validated team names could allow stored XSS attacks | 6.1 |
| 2019-11-12 | CVE-2010-3857 | Cross-site Scripting vulnerability in Redhat Jboss Business Rules Management System JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter. | 6.1 |
| 2019-11-12 | CVE-2014-3599 | XXE vulnerability in Redhat Hornetq HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy | 6.5 |
| 2019-11-08 | CVE-2019-3866 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack-Mistral An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. | 5.5 |
| 2019-11-08 | CVE-2019-14860 | Unspecified vulnerability in Redhat Fuse and Syndesis It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. | 6.5 |
| 2019-11-08 | CVE-2019-14824 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. | 6.5 |
| 2019-11-08 | CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. | 6.1 |