Vulnerabilities > Redhat > Enterprise Linux EUS > 7.3

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-10096 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP).
network
low complexity
oracle debian redhat netapp
critical
 9.6
9.6
2017-08-08 CVE-2017-10090 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle debian netapp redhat
critical
 9.6
9.6
2017-08-08 CVE-2017-10089 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO).
network
low complexity
oracle debian redhat netapp
critical
 9.6
9.6
2017-08-08 CVE-2017-10078 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting).
network
low complexity
oracle debian redhat phoenixcontact netapp
8.1
8.1
2017-08-08 CVE-2017-10074 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
network
high complexity
oracle debian redhat netapp
8.3
8.3
2017-08-08 CVE-2017-10067 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle debian redhat netapp
7.5
7.5
2017-08-08 CVE-2017-10053 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D).
network
low complexity
oracle debian redhat netapp phoenixcontact
5.3
5.3
2017-07-27 CVE-2016-8743 Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers.
network
low complexity
apache netapp debian redhat
7.5
7.5
2017-06-20 CVE-2017-7668 Out-of-bounds Read vulnerability in multiple products
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string.
network
low complexity
apache netapp redhat debian oracle apple CWE-125
7.5
7.5
2017-06-20 CVE-2017-3167 Improper Authentication vulnerability in multiple products
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
network
low complexity
apache netapp redhat apple debian oracle CWE-287
critical
 9.8
9.8