Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2018-2562	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). network low complexity oracle mariadb debian canonical netapp redhat	7.1
2018-01-12	CVE-2018-5345	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file. local low complexity fedoraproject gnome canonical debian redhat CWE-787	7.8
2018-01-09	CVE-2017-15129	Race Condition vulnerability in multiple products A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. local high complexity linux fedoraproject canonical redhat CWE-362	4.7
2018-01-03	CVE-2017-18017	Use After Free vulnerability in multiple products The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. network low complexity linux debian arista f5 suse opensuse openstack canonical redhat CWE-416 critical	9.8
2017-12-15	CVE-2017-17405	OS Command Injection vulnerability in multiple products Ruby before 2.4.3 allows Net::FTP command injection. network low complexity ruby-lang debian redhat CWE-78	8.8
2017-12-11	CVE-2017-1000407	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. low complexity redhat linux debian canonical CWE-754	7.4
2017-12-07	CVE-2017-1000410	Information Exposure vulnerability in multiple products The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. network low complexity linux debian redhat CWE-200	7.5
2017-12-07	CVE-2017-15121	Unspecified vulnerability in Redhat products A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary. local low complexity redhat	5.5
2017-11-20	CVE-2017-3157	Information Exposure vulnerability in multiple products By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. local low complexity apache debian redhat CWE-200	5.5
2017-11-13	CVE-2016-8610	A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. network low complexity openssl debian redhat netapp paloaltonetworks oracle fujitsu	7.5