Vulnerabilities > Redhat > Enterprise Linux Server TUS > 7.3

DATE CVE VULNERABILITY TITLE RISK
2017-04-27 CVE-2017-8291 Type Confusion vulnerability in multiple products
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
local
low complexity
artifex debian redhat CWE-843
7.8
7.8
2017-04-24 CVE-2017-3544 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian google
3.7
3.7
2017-04-24 CVE-2017-3539 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle redhat debian
3.1
3.1
2017-04-24 CVE-2017-3533 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian
3.7
3.7
2017-04-11 CVE-2016-1908 Improper Authentication vulnerability in multiple products
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
network
low complexity
openbsd debian oracle redhat CWE-287
critical
 9.8
9.8
2017-04-11 CVE-2016-5011 The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
low complexity
kernel redhat ibm
4.6
4.6
2017-03-15 CVE-2015-8896 Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
network
low complexity
imagemagick oracle redhat
6.5
6.5
2017-02-16 CVE-2017-6011 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-125
5.5
5.5
2017-02-16 CVE-2017-6010 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-119
5.5
5.5
2017-02-16 CVE-2017-6009 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-119
5.5
5.5