Vulnerabilities > Redhat > Enterprise Linux Server AUS > 7.3

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-20	CVE-2015-5160	Information Exposure vulnerability in multiple products libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. local low complexity libvirt redhat CWE-200	5.5
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp f5 a10networks cisco CWE-400	7.5
2018-08-01	CVE-2016-9583	Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. local low complexity redhat jasper-project oracle CWE-125	7.8
2018-08-01	CVE-2016-8654	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. local low complexity jasper-project redhat debian CWE-119	7.8
2018-08-01	CVE-2016-8635	It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. network high complexity mozilla redhat	5.9
2018-08-01	CVE-2016-9573	An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. network low complexity uclouvain redhat debian	8.1
2018-07-27	CVE-2016-9603	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. network low complexity qemu redhat citrix debian CWE-119 critical	9.9
2018-07-27	CVE-2016-9578	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-20	7.5
2018-07-27	CVE-2016-9577	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-119	8.8
2018-07-27	CVE-2017-2620	Out-of-bounds Write vulnerability in multiple products Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. network low complexity qemu redhat citrix debian xen CWE-787 critical	9.9