Vulnerabilities > Redhat > Enterprise Linux Desktop > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-18 | CVE-2018-2639 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 8.3 |
| 2018-01-18 | CVE-2018-2638 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 8.3 |
| 2018-01-18 | CVE-2018-2637 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). | 7.4 |
| 2018-01-18 | CVE-2018-2633 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 8.3 |
| 2018-01-18 | CVE-2018-2562 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). | 7.1 |
| 2018-01-12 | CVE-2018-5344 | Use After Free vulnerability in multiple products In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact. | 7.8 |
| 2018-01-12 | CVE-2018-5345 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file. | 7.8 |
| 2018-01-09 | CVE-2018-4871 | Out-of-bounds Read vulnerability in multiple products An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. | 7.5 |
| 2017-12-18 | CVE-2017-16997 | Untrusted Search Path vulnerability in multiple products elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. | 7.8 |
| 2017-12-15 | CVE-2017-17405 | OS Command Injection vulnerability in multiple products Ruby before 2.4.3 allows Net::FTP command injection. | 8.8 |