Skip to main content

Enterprise Virtualization Host

2 CVEs product

Monthly

CVE-2018-14652 MEDIUM This Month

The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Gluster Storage Debian Linux Enterprise Virtualization Host +2
NVD
CVSS 3.1
6.5
EPSS
2.7%
CVE-2018-1111 HIGH POC THREAT Act Now

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Red Hat Command Injection Fedora Enterprise Virtualization Enterprise Virtualization Host +4
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
94.5%
EPSS 3% CVSS 6.5
MEDIUM This Month

The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Gluster Storage +4
NVD
EPSS 94% CVSS 7.5
HIGH POC THREAT Act Now

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Red Hat Command Injection Fedora +6
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy