Enterprise Linux Workstation

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2018-2588	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). network low complexity oracle redhat debian canonical schneider-electric hp	4.3
2018-01-18	CVE-2018-2582	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network low complexity oracle redhat debian canonical schneider-electric hp	6.5
2018-01-18	CVE-2018-2579	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle redhat debian canonical schneider-electric hp	3.7
2018-01-18	CVE-2018-2562	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). network low complexity oracle mariadb debian canonical netapp redhat	7.1
2018-01-12	CVE-2018-5344	Use After Free vulnerability in multiple products In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact. local low complexity linux canonical redhat CWE-416	7.8
2018-01-12	CVE-2018-5345	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file. local low complexity fedoraproject gnome canonical debian redhat CWE-787	7.8
2018-01-09	CVE-2018-4871	Out-of-bounds Read vulnerability in multiple products An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. network low complexity redhat adobe CWE-125	7.5
2018-01-09	CVE-2017-15129	Race Condition vulnerability in multiple products A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. local high complexity linux fedoraproject canonical redhat CWE-362	4.7
2018-01-03	CVE-2017-18017	Use After Free vulnerability in multiple products The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. network low complexity linux debian arista f5 suse opensuse openstack canonical redhat CWE-416 critical	9.8
2017-12-18	CVE-2017-16997	Untrusted Search Path vulnerability in multiple products elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. local low complexity gnu redhat CWE-426	7.8