Vulnerabilities > Redhat > Enterprise Linux Desktop > High

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2018-2639 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle redhat
8.3
2018-01-18 CVE-2018-2638 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle redhat netapp
8.3
2018-01-18 CVE-2018-2637 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). 7.4
2018-01-18 CVE-2018-2633 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 8.3
2018-01-18 CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition).
network
low complexity
oracle mariadb debian canonical netapp redhat
7.1
2018-01-12 CVE-2018-5344 Use After Free vulnerability in multiple products
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
local
low complexity
linux canonical redhat CWE-416
7.8
2018-01-12 CVE-2018-5345 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
7.8
2018-01-09 CVE-2018-4871 Out-of-bounds Read vulnerability in multiple products
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137.
network
low complexity
redhat adobe CWE-125
7.5
2017-12-18 CVE-2017-16997 Untrusted Search Path vulnerability in multiple products
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions.
local
low complexity
gnu redhat CWE-426
7.8
2017-12-15 CVE-2017-17405 OS Command Injection vulnerability in multiple products
Ruby before 2.4.3 allows Net::FTP command injection.
network
low complexity
ruby-lang debian redhat CWE-78
8.8