Vulnerabilities > Redhat > Enterprise Linux Server TUS > 7.4

DATE CVE VULNERABILITY TITLE RISK
2017-10-19 CVE-2017-10285 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI).
network
low complexity
oracle debian redhat netapp
critical
 9.6
9.6
2017-10-19 CVE-2017-10281 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle debian redhat netapp
5.3
5.3
2017-10-19 CVE-2017-10274 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO).
network
high complexity
oracle debian redhat netapp
6.8
6.8
2017-10-11 CVE-2017-0903 Deserialization of Untrusted Data vulnerability in multiple products
RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability.
network
low complexity
rubygems debian canonical redhat CWE-502
critical
 9.8
9.8
2017-10-05 CVE-2017-1000116 OS Command Injection vulnerability in multiple products
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
network
low complexity
mercurial debian redhat CWE-78
critical
 9.8
9.8
2017-10-05 CVE-2017-1000115 Link Following vulnerability in multiple products
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
network
low complexity
mercurial debian redhat CWE-59
7.5
7.5
2017-10-05 CVE-2017-1000111 Out-of-bounds Write vulnerability in multiple products
Linux kernel: heap out-of-bounds in AF_PACKET sockets.
local
low complexity
linux redhat debian CWE-787
7.8
7.8
2017-10-04 CVE-2017-12617 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g.
network
high complexity
apache canonical oracle debian netapp redhat CWE-434
8.1
8.1
2017-09-19 CVE-2017-12615 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g.
network
high complexity
apache netapp redhat CWE-434
8.1
8.1
2017-09-12 CVE-2017-1000251 Out-of-bounds Write vulnerability in multiple products
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
low complexity
linux debian nvidia redhat CWE-787
8.0
8.0