Vulnerabilities > Redhat > Enterprise Linux Server TUS > 7.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-08 | CVE-2018-12020 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. | 5.0 |
2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 2.1 |
2018-05-02 | CVE-2018-10675 | Use After Free vulnerability in multiple products The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. | 7.8 |
2018-04-23 | CVE-2018-1106 | Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. | 2.1 |
2018-04-23 | CVE-2017-17833 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. | 7.5 |
2018-04-19 | CVE-2018-2819 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2817 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 4.0 |
2018-04-19 | CVE-2018-2815 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). | 5.3 |
2018-04-19 | CVE-2018-2814 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |
2018-04-19 | CVE-2018-2813 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 4.0 |