Enterprise Linux Server EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-19	CVE-2018-2796	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). network low complexity oracle redhat debian canonical hp schneider-electric	5.3
2018-04-19	CVE-2018-2795	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network low complexity oracle redhat debian canonical hp schneider-electric	5.3
2018-04-19	CVE-2018-2794	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). local high complexity oracle redhat debian canonical hp schneider-electric	7.7
2018-04-19	CVE-2018-2790	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian canonical hp schneider-electric	3.1
2018-04-18	CVE-2018-10194	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. local low complexity artifex canonical debian redhat CWE-119	7.8
2018-04-12	CVE-2018-1086	Information Exposure vulnerability in multiple products pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. network low complexity clusterlabs debian redhat CWE-200	7.5
2018-04-06	CVE-2018-1000156	Improper Input Validation vulnerability in multiple products GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. local low complexity gnu canonical debian redhat CWE-20	7.8
2018-03-30	CVE-2018-7566	Race Condition vulnerability in multiple products The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. local low complexity linux suse canonical debian redhat oracle CWE-362	7.8
2018-03-23	CVE-2018-1000140	Out-of-bounds Write vulnerability in multiple products rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. network low complexity rsyslog debian canonical redhat CWE-787 critical	9.8
2018-03-16	CVE-2018-1068	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. local low complexity linux canonical debian redhat CWE-787	6.7