Vulnerabilities > Redhat > Enterprise Linux Server EUS > 7.5

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-16	CVE-2018-1049	Race Condition vulnerability in multiple products In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. network high complexity systemd-project redhat canonical debian CWE-362	5.9
2018-02-09	CVE-2018-6871	LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. network low complexity libreoffice debian canonical redhat critical	9.8
2018-02-02	CVE-2018-6560	Interpretation Conflict vulnerability in multiple products In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon. local low complexity flatpak redhat CWE-436	8.8
2018-01-25	CVE-2018-5748	Resource Exhaustion vulnerability in multiple products qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. network low complexity redhat debian CWE-400	7.5
2018-01-24	CVE-2018-1000007	libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. network low complexity haxx debian canonical redhat fujitsu critical	9.8
2018-01-23	CVE-2018-5950	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. network low complexity gnu debian canonical redhat CWE-79	6.1
2018-01-18	CVE-2018-2678	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network low complexity oracle redhat debian canonical schneider-electric hp	4.3
2018-01-18	CVE-2018-2677	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). network low complexity oracle redhat debian canonical schneider-electric hp	4.3
2018-01-18	CVE-2018-2663	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). network low complexity oracle redhat debian canonical schneider-electric hp	4.3
2018-01-18	CVE-2018-2657	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). network low complexity oracle redhat schneider-electric hp	5.3