Vulnerabilities > Redhat > Enterprise Linux Server TUS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-02 | CVE-2018-6560 | Interpretation Conflict vulnerability in multiple products In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon. | 4.6 |
2018-01-31 | CVE-2018-1000001 | Out-of-bounds Write vulnerability in multiple products In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | 7.2 |
2018-01-26 | CVE-2018-5750 | Information Exposure vulnerability in Linux Kernel The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. | 2.1 |
2018-01-25 | CVE-2018-5748 | Resource Exhaustion vulnerability in multiple products qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. | 5.0 |
2018-01-23 | CVE-2018-5683 | Out-of-bounds Read vulnerability in multiple products The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | 2.1 |
2018-01-23 | CVE-2018-5950 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. | 6.1 |
2018-01-18 | CVE-2018-2678 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 4.3 |
2018-01-18 | CVE-2018-2677 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). | 4.3 |
2018-01-18 | CVE-2018-2668 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 6.8 |
2018-01-18 | CVE-2018-2665 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 6.8 |