Enterprise Linux Server TUS

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-02	CVE-2018-10675	Use After Free vulnerability in multiple products The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. local low complexity linux redhat canonical CWE-416	7.8
2018-04-26	CVE-2018-10393	Out-of-bounds Read vulnerability in multiple products bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. network low complexity xiph-org debian redhat CWE-125	7.5
2018-04-26	CVE-2018-10392	Out-of-bounds Write vulnerability in multiple products mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. network low complexity xiph-org debian redhat CWE-787	8.8
2018-04-24	CVE-2017-2885	Out-of-bounds Write vulnerability in multiple products An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. network low complexity gnome debian redhat CWE-787 critical	9.8
2018-04-23	CVE-2018-1106	Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. local low complexity packagekit-project redhat canonical debian CWE-287	5.5
2018-04-23	CVE-2017-17833	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. network low complexity openslp debian canonical redhat lenovo CWE-119 critical	9.8
2018-04-19	CVE-2018-2819	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle mariadb canonical debian redhat netapp	6.5
2018-04-19	CVE-2018-2817	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle canonical debian redhat mariadb netapp	6.5
2018-04-19	CVE-2018-2815	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). network low complexity oracle redhat debian canonical schneider-electric hp	5.3
2018-04-19	CVE-2018-2814	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network high complexity oracle redhat debian canonical schneider-electric hp	8.3