Vulnerabilities > Redhat > Enterprise Linux Server AUS > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-10-19 CVE-2017-10348 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle redhat netapp debian
5.3
5.3
2017-10-19 CVE-2017-10347 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle debian redhat netapp
5.3
5.3
2017-10-19 CVE-2017-10295 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle debian redhat netapp
4.0
4.0
2017-10-19 CVE-2017-10281 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle debian redhat netapp
5.3
5.3
2017-10-19 CVE-2017-10274 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO).
network
high complexity
oracle debian redhat netapp
6.8
6.8
2017-10-19 CVE-2017-10268 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
local
high complexity
oracle debian redhat mariadb netapp
4.1
4.1
2017-09-19 CVE-2015-7837 7PK - Security Features vulnerability in Redhat products
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
local
low complexity
redhat CWE-254
5.5
5.5
2017-08-10 CVE-2016-6794 When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager.
network
low complexity
apache debian redhat netapp canonical oracle
5.3
5.3
2017-08-10 CVE-2016-0762 Information Exposure Through Discrepancy vulnerability in multiple products
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist.
network
high complexity
apache canonical debian redhat netapp oracle CWE-203
5.9
5.9
2017-08-08 CVE-2017-3651 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
low complexity
oracle mariadb debian redhat
4.3
4.3