Redhat » Enterprise Linux Workstation : Security Vulnerabilities, CVEs, Published In 2018 (Bypass) CVSS score >= 8
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.
Max CVSS
8.1
EPSS Score
0.45%
Published
2018-07-10
Updated
2019-10-09
CVE-2018-7750
Public exploit
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
Max CVSS
9.8
EPSS Score
6.63%
Published
2018-03-13
Updated
2022-04-18
In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.
Max CVSS
9.8
EPSS Score
1.82%
Published
2018-03-26
Updated
2022-09-07
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
Max CVSS
8.8
EPSS Score
1.63%
Published
2018-06-11
Updated
2018-08-09
4 vulnerabilities found