Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an. Rated low severity (CVSS 3.7). No vendor patch available.
The File module in Drupal 7.x before 7.11, when using unspecified field access modules, allows remote authenticated users to read arbitrary private files that are associated with restricted fields. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files. Rated low severity (CVSS 1.9). No vendor patch available.