Vulnerabilities > Redhat > Enterprise Linux Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-15 CVE-2017-17405 OS Command Injection vulnerability in multiple products
Ruby before 2.4.3 allows Net::FTP command injection.
network
ruby-lang debian redhat CWE-78
critical
 9.3
9.3
2017-12-09 CVE-2017-11213 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 10.0
10
2017-12-09 CVE-2017-11215 Use After Free vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-416
critical
 10.0
10
2017-12-09 CVE-2017-11225 Use After Free vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-416
critical
 10.0
10
2017-12-09 CVE-2017-3112 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 10.0
10
2017-12-09 CVE-2017-3114 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 10.0
10
2017-11-21 CVE-2017-7550 Information Exposure Through Log Files vulnerability in Redhat Ansible and Enterprise Linux Server
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module.
network
low complexity
redhat CWE-532
critical
 9.8
9.8
2017-10-27 CVE-2017-5053 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
network
low complexity
google redhat CWE-125
critical
 9.6
9.6
2017-10-19 CVE-2017-10285 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI).
network
low complexity
oracle debian redhat netapp
critical
 9.6
9.6
2017-10-05 CVE-2017-1000116 OS Command Injection vulnerability in multiple products
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
network
low complexity
mercurial debian redhat CWE-78
critical
 10.0
10