Vulnerabilities > Redhat > Enterprise Linux Server EUS > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-07-25 CVE-2015-3149 Link Following vulnerability in Redhat products
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
local
low complexity
redhat CWE-59
5.5
2017-06-22 CVE-2017-9775 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
network
low complexity
freedesktop debian redhat CWE-119
6.5
2017-06-06 CVE-2017-9461 Infinite Loop vulnerability in multiple products
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
network
low complexity
samba redhat debian CWE-835
6.5
2017-04-24 CVE-2017-3600 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
high complexity
oracle redhat debian mariadb
6.6
2017-04-24 CVE-2017-3464 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle debian redhat mariadb
4.3
2017-02-16 CVE-2017-6011 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-125
5.5
2017-02-16 CVE-2017-6010 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-119
5.5
2017-02-16 CVE-2017-6009 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-119
5.5
2017-01-30 CVE-2016-2518 Out-of-bounds Read vulnerability in multiple products
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
network
low complexity
ntp debian netapp oracle redhat freebsd siemens CWE-125
5.3
2017-01-27 CVE-2016-5824 Use After Free vulnerability in multiple products
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
local
low complexity
libical-project canonical redhat CWE-416
5.5