| Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-10854 | 3.5 |
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Na
|
13-02-2023 - 04:51 | 22-11-2019 - 12:15 | |
| CVE-2018-10855 | 4.3 |
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible
|
04-08-2021 - 17:14 | 03-07-2018 - 01:29 | |
| CVE-2018-1085 | 10.0 |
openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf
|
09-10-2019 - 23:38 | 15-06-2018 - 13:29 | |
| CVE-2018-10857 | 5.0 |
git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN.
|
09-10-2019 - 23:33 | 16-07-2018 - 20:29 | |
| CVE-2018-10852 | 5.0 |
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available fo
|
09-10-2019 - 23:33 | 26-06-2018 - 14:29 | |
| CVE-2018-10851 | 5.0 |
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
|
09-10-2019 - 23:33 | 29-11-2018 - 18:29 | |
| CVE-2018-10856 | 6.5 |
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
|
09-10-2019 - 23:33 | 03-07-2018 - 01:29 | |
| CVE-2018-10859 | 5.0 |
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted dat
|
09-10-2019 - 23:33 | 16-07-2018 - 18:29 | |
| CVE-2018-10853 | 4.6 |
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process co
|
03-10-2019 - 00:03 | 11-09-2018 - 14:29 | |
| CVE-2018-10858 | 6.5 |
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and
|
26-06-2019 - 08:15 | 22-08-2018 - 17:29 | |
| CVE-2018-10850 | 7.1 |
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of servi
|
15-05-2019 - 21:29 | 13-06-2018 - 20:29 |