Vulnerabilities > Redhat > Enterprise Linux EUS > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-27 CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets).
network
high complexity
oracle mariadb debian redhat
4.4
2017-01-27 CVE-2017-3238 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian mariadb redhat
6.5
2017-01-13 CVE-2016-9811 Out-of-bounds Read vulnerability in multiple products
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
local
high complexity
gstreamer fedoraproject debian redhat CWE-125
4.7
2016-10-25 CVE-2016-5629 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
network
low complexity
oracle mariadb redhat
4.9
2016-10-25 CVE-2016-5626 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
network
low complexity
oracle mariadb redhat
6.5
2016-10-25 CVE-2016-5624 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
network
low complexity
oracle mariadb redhat
6.5
2016-10-25 CVE-2016-5612 Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
network
low complexity
oracle mariadb redhat
6.5
2016-10-25 CVE-2016-3492 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
network
low complexity
oracle mariadb redhat
6.5
2016-07-19 CVE-2016-2775 Improper Input Validation vulnerability in multiple products
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
network
high complexity
hp isc fedoraproject redhat CWE-20
5.9
2016-05-25 CVE-2016-4020 The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
local
low complexity
qemu canonical debian redhat
6.5