Enterprise Linux EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-24	CVE-2017-3453	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle debian mariadb redhat	6.5
2017-04-24	CVE-2017-3309	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle debian mariadb redhat	7.7
2017-04-24	CVE-2017-3308	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian mariadb redhat	7.7
2017-04-11	CVE-2016-1908	Improper Authentication vulnerability in multiple products The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. network low complexity openbsd debian oracle redhat CWE-287 critical	9.8
2017-04-11	CVE-2016-5011	The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. low complexity kernel redhat ibm	4.6
2017-03-15	CVE-2015-8896	Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. network low complexity imagemagick oracle redhat	6.5
2017-02-15	CVE-2016-9560	Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. local low complexity jasper-project debian redhat CWE-787	7.8
2017-02-09	CVE-2017-5848	Out-of-bounds Read vulnerability in multiple products The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing. network low complexity gstreamer-project debian redhat CWE-125	7.5
2017-01-27	CVE-2017-3318	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). local high complexity oracle debian redhat mariadb	4.0
2017-01-27	CVE-2017-3317	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). local high complexity oracle debian redhat mariadb	4.0