Vulnerabilities > Redhat > Enterprise Linux Server AUS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-27 | CVE-2017-3258 | Improper Input Validation vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 6.5 |
2017-01-27 | CVE-2017-3244 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 6.5 |
2017-01-27 | CVE-2017-3243 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). | 4.4 |
2017-01-27 | CVE-2017-3238 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 6.5 |
2017-01-27 | CVE-2016-5824 | Use After Free vulnerability in multiple products libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | 5.5 |
2017-01-23 | CVE-2016-9446 | Improper Initialization vulnerability in multiple products The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. | 7.5 |
2017-01-23 | CVE-2016-9401 | Use After Free vulnerability in multiple products popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | 5.5 |
2017-01-13 | CVE-2016-9811 | Out-of-bounds Read vulnerability in multiple products The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file. | 4.7 |
2017-01-13 | CVE-2016-7426 | Resource Exhaustion vulnerability in multiple products NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address. | 7.5 |
2017-01-12 | CVE-2016-9131 | Improper Input Validation vulnerability in multiple products named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. | 7.5 |