Vulnerabilities > Redhat > Enterprise Linux Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2016-6814 Deserialization of Untrusted Data vulnerability in multiple products
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g.
network
low complexity
apache redhat CWE-502
critical
 9.8
9.8
2018-01-03 CVE-2017-18017 Use After Free vulnerability in multiple products
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
network
low complexity
linux debian arista f5 suse opensuse openstack canonical redhat CWE-416
critical
 9.8
9.8
2017-12-09 CVE-2017-11213 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 9.8
9.8
2017-12-09 CVE-2017-11215 Use After Free vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-416
critical
 9.8
9.8
2017-12-09 CVE-2017-11225 Use After Free vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-416
critical
 9.8
9.8
2017-12-09 CVE-2017-3112 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 9.8
9.8
2017-12-09 CVE-2017-3114 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 9.8
9.8
2017-12-01 CVE-2017-11281 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function.
network
low complexity
adobe redhat CWE-119
critical
 9.8
9.8
2017-12-01 CVE-2017-11282 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser.
network
low complexity
adobe redhat CWE-119
critical
 9.8
9.8
2017-11-27 CVE-2017-14746 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
network
low complexity
samba redhat debian canonical CWE-416
critical
 9.8
9.8