Vulnerabilities > Redhat > Enterprise Linux Server EUS > 7.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-16 | CVE-2017-3137 | Reachable Assertion vulnerability in multiple products Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. | 7.5 |
| 2019-01-16 | CVE-2017-3136 | Reachable Assertion vulnerability in multiple products A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. | 5.9 |
| 2019-01-16 | CVE-2017-3135 | NULL Pointer Dereference vulnerability in multiple products Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. | 5.9 |
| 2019-01-11 | CVE-2018-16865 | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. | 7.8 |
| 2018-12-12 | CVE-2018-18397 | Incorrect Authorization vulnerability in multiple products The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. | 5.5 |
| 2018-11-26 | CVE-2018-14646 | NULL Pointer Dereference vulnerability in multiple products The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. | 5.5 |
| 2018-10-31 | CVE-2016-2125 | Improper Input Validation vulnerability in multiple products It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. | 6.5 |
| 2018-10-18 | CVE-2018-5188 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. | 9.8 |
| 2018-10-18 | CVE-2018-5156 | Improper Input Validation vulnerability in multiple products A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. | 9.8 |
| 2018-10-18 | CVE-2018-12387 | Improper Input Validation vulnerability in multiple products A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. | 9.1 |