Vulnerabilities > Redhat > Openstack

DATE CVE VULNERABILITY TITLE RISK
2017-10-19 CVE-2017-10378 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian redhat netapp
6.5
2017-10-19 CVE-2017-10268 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
local
high complexity
oracle debian redhat mariadb netapp
4.1
2017-08-08 CVE-2017-3653 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
high complexity
oracle debian redhat mariadb
3.1
2017-08-08 CVE-2017-3651 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
low complexity
oracle mariadb debian redhat
4.3
2017-08-08 CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian redhat mariadb
4.9
2017-08-08 CVE-2017-3636 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
local
low complexity
oracle debian redhat mariadb
5.3
2017-08-02 CVE-2017-10664 qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
network
low complexity
qemu debian redhat
7.5
2017-07-25 CVE-2017-7980 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.
local
low complexity
qemu canonical debian redhat CWE-119
7.8
2017-05-23 CVE-2017-9214 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
network
low complexity
openvswitch debian redhat CWE-191
critical
9.8
2017-05-23 CVE-2017-8379 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
local
low complexity
qemu debian redhat CWE-772
6.5