Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2017-05-18 CVE-2017-7503 XXE vulnerability in Redhat Jboss Enterprise Application Platform 7.0.5
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE.
network
low complexity
redhat CWE-611
critical
 9.8
9.8
2017-05-09 CVE-2017-3074 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3073 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3072 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3071 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3070 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3069 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3068 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-04-27 CVE-2017-8291 Type Confusion vulnerability in multiple products
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
local
low complexity
artifex debian redhat CWE-843
7.8
7.8
2017-04-24 CVE-2017-5046 V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.
network
low complexity
google redhat debian
4.3
4.3