Vulnerabilities > Redhat > Enterprise Linux Server EUS > 7.5

DATE CVE VULNERABILITY TITLE RISK
2017-08-22 CVE-2017-5208 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
network
low complexity
icoutils-project debian redhat CWE-190
8.8
8.8
2017-08-19 CVE-2017-10661 Use After Free vulnerability in multiple products
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
local
high complexity
linux redhat debian CWE-416
7.0
7.0
2017-08-08 CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian redhat mariadb
4.9
4.9
2017-08-08 CVE-2017-3636 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
local
low complexity
oracle debian redhat mariadb
5.3
5.3
2017-08-07 CVE-2015-7852 Improper Input Validation vulnerability in multiple products
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
network
high complexity
ntp debian netapp oracle redhat CWE-20
5.9
5.9
2017-08-07 CVE-2015-7704 Improper Input Validation vulnerability in multiple products
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
network
low complexity
ntp debian netapp redhat mcafee citrix CWE-20
7.5
7.5
2017-08-07 CVE-2015-7702 Improper Input Validation vulnerability in multiple products
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash).
network
low complexity
ntp oracle debian netapp redhat CWE-20
6.5
6.5
2017-08-07 CVE-2015-7701 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
network
low complexity
ntp oracle debian netapp redhat CWE-772
7.5
7.5
2017-08-07 CVE-2015-7692 Improper Input Validation vulnerability in multiple products
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash).
network
low complexity
ntp oracle debian netapp redhat CWE-20
7.5
7.5
2017-08-07 CVE-2015-7691 Improper Input Validation vulnerability in multiple products
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations.
network
low complexity
ntp oracle debian netapp redhat CWE-20
7.5
7.5