Vulnerabilities > Redhat > Virtualization Host

DATE CVE VULNERABILITY TITLE RISK
2018-10-22 CVE-2018-18559 Use After Free vulnerability in multiple products
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket.
network
high complexity
linux redhat CWE-416
8.1
2018-10-08 CVE-2018-1000805 Incorrect Authorization vulnerability in multiple products
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE.
network
low complexity
paramiko redhat debian canonical CWE-863
8.8
2018-09-11 CVE-2018-1114 Resource Exhaustion vulnerability in Redhat Undertow, Virtualization and Virtualization Host
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust.
network
low complexity
redhat CWE-400
6.5
2018-09-04 CVE-2018-10930 A flaw was found in RPC request using gfs3_rename_req in glusterfs server.
network
low complexity
gluster redhat debian opensuse
6.5
2018-09-04 CVE-2018-10929 A flaw was found in RPC request using gfs2_create_req in glusterfs server.
network
low complexity
redhat debian gluster opensuse
8.8
2018-09-04 CVE-2018-10928 A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume.
network
low complexity
redhat debian gluster opensuse
8.8
2018-09-04 CVE-2018-10927 A flaw was found in RPC request using gfs3_lookup_req in glusterfs server.
network
low complexity
redhat debian gluster opensuse
8.1
2018-09-04 CVE-2018-10926 A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server.
network
low complexity
redhat debian gluster opensuse
8.8
2018-09-04 CVE-2018-10923 It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node.
network
low complexity
gluster redhat debian opensuse
8.1
2018-09-04 CVE-2018-10914 It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service.
network
low complexity
gluster redhat debian opensuse
6.5