Vulnerabilities > Redhat > Enterprise Linux Workstation > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3453 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian mariadb redhat
6.5
6.5
2017-04-19 CVE-2016-5410 Improper Authentication vulnerability in multiple products
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
local
low complexity
firewalld redhat CWE-287
5.5
5.5
2017-04-11 CVE-2016-5011 The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
low complexity
kernel redhat ibm
4.6
4.6
2017-03-15 CVE-2015-8896 Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
network
low complexity
imagemagick oracle redhat
6.5
6.5
2017-02-16 CVE-2017-6011 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-125
5.5
5.5
2017-02-16 CVE-2017-6010 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-119
5.5
5.5
2017-02-16 CVE-2017-6009 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-119
5.5
5.5
2017-01-30 CVE-2016-2518 Out-of-bounds Read vulnerability in multiple products
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
network
low complexity
ntp debian netapp oracle redhat freebsd siemens CWE-125
5.3
5.3
2017-01-27 CVE-2017-3318 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling).
local
high complexity
oracle debian redhat mariadb
4.0
4.0
2017-01-27 CVE-2017-3317 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging).
local
high complexity
oracle debian redhat mariadb
4.0
4.0