Vulnerabilities > Redhat > Enterprise Linux Desktop > Low

DATE CVE VULNERABILITY TITLE RISK
2018-03-06 CVE-2018-5730 LDAP Injection vulnerability in multiple products
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
network
low complexity
mit fedoraproject debian redhat CWE-90
3.8
2018-01-18 CVE-2018-2579 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). 3.7
2017-10-27 CVE-2017-5081 Improper Input Validation vulnerability in multiple products
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.
local
low complexity
google debian redhat CWE-20
3.3
2017-10-19 CVE-2017-10345 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
high complexity
oracle debian redhat netapp
3.1
2017-08-08 CVE-2017-10193 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle debian netapp redhat
3.1
2017-08-08 CVE-2017-3653 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
high complexity
oracle debian redhat mariadb
3.1
2017-04-24 CVE-2017-3533 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian
3.7
2017-04-24 CVE-2017-3539 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle redhat debian
3.1
2017-04-24 CVE-2017-3544 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian google
3.7
2017-04-14 CVE-2016-4455 Permissions, Privileges, and Access Controls vulnerability in Redhat products
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.
local
low complexity
redhat CWE-264
3.3