Total
64 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-12910 | 5 Canonical, Debian, Gnome and 2 more | 9 Ubuntu Linux, Debian Linux, Libsoup and 6 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | |||||
CVE-2018-1101 | 1 Redhat | 2 Ansible Tower, Cloudforms | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. System administrators that are members of organizations can have their passwords reset by organization administrators, allowing organization administrators access to the entire system. | |||||
CVE-2018-10767 | 2 Gnome, Redhat | 5 Libgxps, Ansible Tower, Enterprise Linux Desktop and 2 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. | |||||
CVE-2018-10733 | 3 Gnome, Opensuse, Redhat | 6 Libgxps, Leap, Ansible Tower and 3 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack. |