Vulnerabilities > Redhat > Enterprise Linux Server TUS > High

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2018-2633 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 8.3
2018-01-18 CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition).
network
low complexity
oracle mariadb debian canonical netapp redhat
7.1
2018-01-12 CVE-2018-5345 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
7.8
2017-12-15 CVE-2017-17405 OS Command Injection vulnerability in multiple products
Ruby before 2.4.3 allows Net::FTP command injection.
network
low complexity
ruby-lang debian redhat CWE-78
8.8
2017-12-11 CVE-2017-1000407 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
7.4
2017-12-07 CVE-2017-1000410 Information Exposure vulnerability in multiple products
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages.
network
low complexity
linux debian redhat CWE-200
7.5
2017-11-13 CVE-2016-8610 A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. 7.5
2017-11-06 CVE-2015-7529 Link Following vulnerability in multiple products
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
local
low complexity
sos-project canonical redhat CWE-59
7.8
2017-10-24 CVE-2017-12613 Out-of-bounds Read vulnerability in multiple products
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
local
low complexity
apache debian redhat CWE-125
7.1
2017-10-19 CVE-2017-10388 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle redhat netapp debian
7.5