Vulnerabilities > Redhat > Enterprise Linux Server AUS > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2016-9401 | Use After Free vulnerability in multiple products popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | 2.1 |
| 2016-06-09 | CVE-2016-2150 | Improper Access Control vulnerability in multiple products SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. | 3.6 |
| 2016-05-23 | CVE-2016-4578 | Information Exposure vulnerability in Linux Kernel sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. | 2.1 |
| 2016-05-05 | CVE-2016-3716 | Permissions, Privileges, and Access Controls vulnerability in multiple products The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. | 3.3 |
| 2016-04-21 | CVE-2016-0651 | Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. | 3.5 |
| 2016-04-21 | CVE-2016-0695 | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. | 2.6 |
| 2016-02-13 | CVE-2015-8629 | Out-of-bounds Read vulnerability in multiple products The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string. | 2.1 |
| 2016-01-21 | CVE-2016-0598 | Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. | 3.5 |
| 2016-01-21 | CVE-2016-0600 | Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | 3.5 |
| 2016-01-21 | CVE-2016-0606 | Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption. | 3.5 |