Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2018-2602	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). local high complexity oracle redhat debian canonical schneider-electric hp	4.5
2018-01-18	CVE-2018-2599	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network high complexity oracle redhat debian canonical schneider-electric hp	4.8
2018-01-18	CVE-2018-2588	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). network low complexity oracle redhat debian canonical schneider-electric hp	4.3
2018-01-18	CVE-2018-2579	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle redhat debian canonical schneider-electric hp	3.7
2018-01-18	CVE-2018-2562	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). network low complexity oracle mariadb debian canonical netapp redhat	7.1
2018-01-12	CVE-2018-5345	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file. local low complexity fedoraproject gnome canonical debian redhat CWE-787	7.8
2018-01-09	CVE-2017-15129	Race Condition vulnerability in multiple products A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. local high complexity linux fedoraproject canonical redhat CWE-362	4.7
2018-01-03	CVE-2017-18017	Use After Free vulnerability in multiple products The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. network low complexity linux debian arista f5 suse opensuse openstack canonical redhat CWE-416 critical	9.8
2017-12-15	CVE-2017-17405	OS Command Injection vulnerability in multiple products Ruby before 2.4.3 allows Net::FTP command injection. network low complexity ruby-lang debian redhat CWE-78	8.8
2017-12-11	CVE-2017-1000407	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. low complexity redhat linux debian canonical CWE-754	7.4