Vulnerabilities > Redhat > Enterprise Linux Server AUS > 7.4

DATE CVE VULNERABILITY TITLE RISK
2017-04-27 CVE-2017-8291 Type Confusion vulnerability in multiple products
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
local
low complexity
artifex debian redhat CWE-843
7.8
7.8
2017-04-24 CVE-2017-3600 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
high complexity
oracle redhat debian mariadb
6.6
6.6
2017-04-24 CVE-2017-3544 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian google
3.7
3.7
2017-04-24 CVE-2017-3539 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle redhat debian
3.1
3.1
2017-04-24 CVE-2017-3533 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian
3.7
3.7
2017-04-24 CVE-2017-3464 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle debian redhat mariadb
4.3
4.3
2017-04-24 CVE-2017-3456 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian mariadb redhat
4.9
4.9
2017-04-24 CVE-2017-3309 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian mariadb redhat
7.7
7.7
2017-04-24 CVE-2017-3308 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian mariadb redhat
7.7
7.7
2017-04-17 CVE-2017-5645 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
network
low complexity
apache netapp redhat oracle CWE-502
critical
 9.8
9.8