Vulnerabilities > Redhat > Enterprise Linux Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-27 CVE-2017-3258 Improper Input Validation vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian redhat CWE-20
6.5
2017-01-27 CVE-2017-3244 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian mariadb redhat
6.5
2017-01-27 CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets).
network
high complexity
oracle mariadb debian redhat
4.4
2017-01-27 CVE-2017-3238 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian mariadb redhat
6.5
2017-01-27 CVE-2016-5824 Use After Free vulnerability in multiple products
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
local
low complexity
libical-project canonical redhat CWE-416
5.5
2017-01-23 CVE-2016-9401 Use After Free vulnerability in multiple products
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
local
low complexity
gnu debian redhat CWE-416
5.5
2017-01-13 CVE-2016-9811 Out-of-bounds Read vulnerability in multiple products
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
local
high complexity
gstreamer fedoraproject debian redhat CWE-125
4.7
2016-12-22 CVE-2016-7091 Information Exposure vulnerability in Redhat products
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure.
local
low complexity
redhat CWE-200
4.4
2016-10-25 CVE-2016-5629 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
network
low complexity
oracle mariadb redhat
4.9
2016-10-25 CVE-2016-5626 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
network
low complexity
oracle mariadb redhat
6.5