Vulnerabilities > Redhat > Enterprise Linux Workstation > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2017-2625 It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys.
local
low complexity
x-org redhat
5.5
5.5
2018-07-26 CVE-2017-18344 Out-of-bounds Read vulnerability in multiple products
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read).
local
low complexity
linux canonical redhat CWE-125
5.5
5.5
2018-07-26 CVE-2018-10881 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
debian canonical linux redhat
5.5
5.5
2018-07-26 CVE-2017-12171 A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly.
network
low complexity
redhat apache
6.5
6.5
2018-07-26 CVE-2017-7562 An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates.
network
low complexity
redhat mit
6.5
6.5
2018-07-25 CVE-2018-13988 Out-of-bounds Read vulnerability in multiple products
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite.
network
low complexity
freedesktop canonical debian redhat CWE-125
6.5
6.5
2018-07-25 CVE-2018-1002200 Path Traversal vulnerability in multiple products
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.
local
low complexity
codehaus-plexus redhat debian CWE-22
5.5
5.5
2018-07-18 CVE-2018-3081 Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs).
network
high complexity
oracle netapp canonical debian mariadb redhat
5.0
5.0
2018-07-18 CVE-2018-3058 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM).
network
low complexity
oracle netapp canonical debian mariadb redhat
4.3
4.3
2018-07-18 CVE-2018-2973 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE).
network
high complexity
oracle redhat netapp hp
5.9
5.9