Vulnerabilities > Redhat > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-01-10 CVE-2017-17485 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw.
network
low complexity
fasterxml debian redhat netapp CWE-502
critical
 9.8
9.8
2018-01-03 CVE-2017-18017 Use After Free vulnerability in multiple products
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
network
low complexity
linux debian arista f5 suse opensuse openstack canonical redhat CWE-416
critical
 9.8
9.8
2017-12-29 CVE-2014-0121 Improper Authentication vulnerability in multiple products
The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.
network
low complexity
hawt redhat CWE-287
critical
 9.8
9.8
2017-12-09 CVE-2017-3114 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 9.8
9.8
2017-12-09 CVE-2017-3112 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 9.8
9.8
2017-12-09 CVE-2017-11225 Use After Free vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-416
critical
 9.8
9.8
2017-12-09 CVE-2017-11215 Use After Free vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-416
critical
 9.8
9.8
2017-12-09 CVE-2017-11213 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions.
network
low complexity
redhat adobe CWE-125
critical
 9.8
9.8
2017-12-08 CVE-2017-10906 Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
network
low complexity
fluentd redhat
critical
 9.8
9.8
2017-12-01 CVE-2017-11282 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser.
network
low complexity
adobe redhat CWE-119
critical
 9.8
9.8