Enterprise Linux Server TUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-01	CVE-2016-8635	It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. network high complexity mozilla redhat	5.9
2018-07-26	CVE-2017-18344	Out-of-bounds Read vulnerability in multiple products The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). local low complexity linux canonical redhat CWE-125	5.5
2018-07-18	CVE-2018-2952	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). network high complexity oracle debian canonical hp redhat netapp	3.7
2018-07-18	CVE-2018-2767	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). network high complexity oracle debian canonical redhat mariadb netapp	3.1
2018-07-17	CVE-2018-14362	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-119 critical	9.8
2018-07-17	CVE-2018-14357	OS Command Injection vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-78 critical	9.8
2018-07-17	CVE-2018-14354	OS Command Injection vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-78 critical	9.8
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-06-13	CVE-2018-10850	Race Condition vulnerability in multiple products 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. network high complexity fedoraproject redhat debian CWE-362	5.9