Vulnerabilities > Redhat > Enterprise Linux Server AUS > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-01-23 CVE-2018-5683 Out-of-bounds Read vulnerability in multiple products
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
local
low complexity
qemu debian redhat canonical CWE-125
6.0
2018-01-23 CVE-2018-5950 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
network
low complexity
gnu debian canonical redhat CWE-79
6.1
2018-01-18 CVE-2018-2678 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 4.3
2018-01-18 CVE-2018-2677 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 4.3
2018-01-18 CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
2018-01-18 CVE-2018-2665 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
2018-01-18 CVE-2018-2663 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). 4.3
2018-01-18 CVE-2018-2641 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 6.1
2018-01-18 CVE-2018-2640 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
2018-01-18 CVE-2018-2634 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). 6.8