Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2018-1056 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files.
local
low complexity
advancemame canonical debian CWE-125
7.8
7.8
2018-07-27 CVE-2017-2646 Infinite Loop vulnerability in Redhat Keycloak
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop.
network
low complexity
redhat CWE-835
7.5
7.5
2018-07-27 CVE-2017-2630 Unspecified vulnerability in Qemu
A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support.
network
low complexity
qemu
8.8
8.8
2018-07-27 CVE-2017-2624 Information Exposure vulnerability in multiple products
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies.
local
high complexity
x-org debian CWE-200
7.0
7.0
2018-07-27 CVE-2017-2590 Permission Issues vulnerability in multiple products
A vulnerability was found in ipa before 4.4.
network
low complexity
freeipa redhat CWE-275
8.1
8.1
2018-07-27 CVE-2017-2581 Out-of-bounds Write vulnerability in Netpbm Project Netpbm
An out-of-bounds write vulnerability was found in netpbm before 10.61.
local
low complexity
netpbm-project CWE-787
7.8
7.8
2018-07-27 CVE-2017-2580 Out-of-bounds Write vulnerability in Netpbm Project Netpbm 10.61.00
An out-of-bounds write vulnerability was found in netpbm before 10.61.
local
low complexity
netpbm-project CWE-787
7.8
7.8
2018-07-27 CVE-2017-2579 Out-of-bounds Read vulnerability in Netpbm Project Netpbm 10.61.00
An out-of-bounds read vulnerability was found in netpbm before 10.61.
local
low complexity
netpbm-project CWE-125
7.8
7.8
2018-07-27 CVE-2017-15119 Resource Exhaustion vulnerability in multiple products
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue.
network
low complexity
qemu canonical debian redhat CWE-400
8.6
8.6
2018-07-27 CVE-2017-12173 Improper Input Validation vulnerability in multiple products
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection.
network
low complexity
redhat fedoraproject CWE-20
8.8
8.8