Enterprise Linux EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2017-01-27	CVE-2017-3291	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). local high complexity oracle mariadb debian redhat	3.5
2017-01-27	CVE-2017-3265	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). network oracle redhat debian mariadb	4.9
2017-01-27	CVE-2017-3258	Improper Input Validation vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle mariadb debian redhat CWE-20	4.0
2017-01-27	CVE-2017-3244	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian mariadb redhat	4.0
2017-01-27	CVE-2017-3243	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). network high complexity oracle mariadb debian redhat	4.4
2017-01-27	CVE-2017-3238	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle debian mariadb redhat	4.0
2017-01-23	CVE-2016-9446	Improper Initialization vulnerability in multiple products The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. network low complexity gstreamer-project redhat fedoraproject CWE-665	7.5
2017-01-13	CVE-2016-9811	Out-of-bounds Read vulnerability in multiple products The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file. local high complexity gstreamer fedoraproject debian redhat CWE-125	4.7
2017-01-12	CVE-2016-9131	Improper Input Validation vulnerability in multiple products named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. network low complexity isc debian redhat netapp CWE-20	5.0
2016-11-10	CVE-2016-5195	Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." local high complexity canonical linux redhat debian fedoraproject paloaltonetworks netapp CWE-362	7.0