Vulnerabilities > Redhat > Enterprise Linux EUS > 7.2

DATE	CVE	VULNERABILITY TITLE	RISK
2016-01-12	CVE-2015-1779	Resource Exhaustion vulnerability in multiple products The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. network low complexity qemu canonical debian fedoraproject redhat oracle CWE-400	8.6
2015-12-02	CVE-2015-8391	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. network low complexity pcre oracle fedoraproject redhat php CWE-119 critical	9.8
2015-08-08	CVE-2015-4495	The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. network low complexity mozilla oracle canonical redhat suse opensuse	8.8
2015-07-16	CVE-2015-2590	Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. network low complexity oracle canonical debian suse opensuse redhat critical	9.8