Enterprise Linux Server TUS

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-24	CVE-2017-3309	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle debian mariadb redhat	4.0
2017-04-24	CVE-2017-3308	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian mariadb redhat	4.0
2017-04-17	CVE-2017-5645	Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. network low complexity apache netapp redhat oracle CWE-502 critical	9.8
2017-04-11	CVE-2016-1908	Improper Authentication vulnerability in multiple products The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. network low complexity openbsd debian oracle redhat CWE-287 critical	9.8
2017-04-11	CVE-2016-5011	The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. local low complexity kernel redhat ibm	4.9
2017-03-15	CVE-2015-8896	Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. network imagemagick oracle redhat	4.3
2017-02-16	CVE-2017-6011	Out-of-bounds Read vulnerability in multiple products An issue was discovered in icoutils 0.31.1. network icoutils-project debian redhat CWE-125	4.3
2017-02-16	CVE-2017-6010	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in icoutils 0.31.1. network icoutils-project debian redhat CWE-119	4.3
2017-02-16	CVE-2017-6009	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in icoutils 0.31.1. network icoutils-project debian redhat CWE-119	4.3
2017-02-15	CVE-2016-9560	Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. network jasper-project debian redhat CWE-787	6.8