Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-26	CVE-2017-18344	Out-of-bounds Read vulnerability in multiple products The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). local low complexity linux canonical redhat CWE-125	5.5
2018-07-26	CVE-2018-10901	A flaw was found in Linux kernel's KVM virtualization subsystem. local low complexity linux redhat	7.8
2018-07-18	CVE-2018-2952	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). network high complexity oracle debian canonical hp redhat netapp	3.7
2018-07-18	CVE-2018-2767	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). network high complexity oracle debian canonical redhat mariadb netapp	3.1
2018-07-17	CVE-2018-14362	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-119 critical	9.8
2018-07-17	CVE-2018-14357	OS Command Injection vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-78 critical	9.8
2018-07-17	CVE-2018-14354	OS Command Injection vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-78 critical	9.8
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-07-03	CVE-2017-2615	Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. network low complexity qemu redhat citrix debian xen critical	9.1