Vulnerabilities > Redhat > Enterprise Linux Server TUS > 7.4

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-02	CVE-2018-10675	Use After Free vulnerability in multiple products The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. local low complexity linux redhat canonical CWE-416	7.8
2018-04-24	CVE-2017-2885	Out-of-bounds Write vulnerability in multiple products An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. network low complexity gnome debian redhat CWE-787 critical	9.8
2018-04-06	CVE-2018-1000156	Improper Input Validation vulnerability in multiple products GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. local low complexity gnu canonical debian redhat CWE-20	7.8
2018-03-23	CVE-2018-1000140	Out-of-bounds Write vulnerability in multiple products rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. network low complexity rsyslog debian canonical redhat CWE-787 critical	9.8
2018-03-20	CVE-2018-8088	org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. network low complexity qos redhat oracle critical	9.8
2018-02-19	CVE-2018-5379	Double Free vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. network low complexity quagga debian canonical redhat siemens CWE-415 critical	9.8
2018-02-16	CVE-2018-1049	Race Condition vulnerability in multiple products In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. network high complexity systemd-project redhat canonical debian CWE-362	5.9
2018-02-09	CVE-2018-6871	LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. network low complexity libreoffice debian canonical redhat critical	9.8
2018-01-23	CVE-2018-5950	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. network low complexity gnu debian canonical redhat CWE-79	6.1
2018-01-18	CVE-2018-2678	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network low complexity oracle redhat debian canonical schneider-electric hp	4.3