Redhat: Security Vulnerabilities
PHP5 before 5.4.4 allows passing invalid UTF-8 strings via xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in a memory leak into the resulting output.
CVSS Score: 7.5
EPSS Score: 0.016
Published: 2019-11-13
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVSS Score: 7.8
EPSS Score: 0.002
Published: 2019-11-13
vdsm and vdsclient do not validate the certificate hostname from another vdsm, which could facilitate a man-in-the-middle attack.
CVSS Score: 5.9
EPSS Score: 0.002
Published: 2019-11-13
OpenShift Origin: Improperly validated team names could allow stored XSS attacks
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2019-11-13
JBoss KeyCloak is vulnerable to soft token deletion via CSRF
CVSS Score: 4.3
EPSS Score: 0.002
Published: 2019-11-13
JBoss BRMS before 5.1.0 has an XSS vulnerability via the asset=UUID parameter.
CVSS Score: 6.1
EPSS Score: 0.005
Published: 2019-11-12
HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy
CVSS Score: 6.5
EPSS Score: 0.004
Published: 2019-11-12
gdk-pixbuf through 2.31.1 has a GIF loader buffer overflow when initializing decompression tables due to an input validation flaw.
CVSS Score: 9.8
EPSS Score: 0.01
Published: 2019-11-12
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform.
CVSS Score: 3.1
EPSS Score: 0.002
Published: 2019-11-09
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service.
CVSS Score: 5.5
EPSS Score: 0.001
Published: 2019-11-08