Vulnerabilities > Redhat > Enterprise Linux Desktop > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-27 | CVE-2017-3244 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 4.0 |
2017-01-27 | CVE-2017-3243 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). | 4.4 |
2017-01-27 | CVE-2017-3238 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2017-01-27 | CVE-2016-5824 | Use After Free vulnerability in multiple products libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | 4.3 |
2017-01-13 | CVE-2016-9811 | Out-of-bounds Read vulnerability in multiple products The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file. | 4.7 |
2017-01-13 | CVE-2016-7426 | Resource Exhaustion vulnerability in NTP 4.2.5/4.2.6/4.2.7 NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address. | 4.3 |
2017-01-12 | CVE-2016-9131 | Improper Input Validation vulnerability in multiple products named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. | 5.0 |
2016-12-22 | CVE-2016-7091 | Information Exposure vulnerability in Redhat products sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. | 4.9 |
2016-11-02 | CVE-2016-8864 | Reachable Assertion vulnerability in multiple products named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. | 5.0 |
2016-10-25 | CVE-2016-5629 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. | 4.0 |