Vulnerabilities > Redhat > High

DATE CVE VULNERABILITY TITLE RISK
2016-11-08 CVE-2016-7861 Incorrect Type Conversion or Cast vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability.
network
low complexity
adobe redhat CWE-704
8.8
8.8
2016-11-08 CVE-2016-7860 Incorrect Type Conversion or Cast vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability.
network
low complexity
adobe redhat CWE-704
8.8
8.8
2016-11-08 CVE-2016-7859 Use After Free vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-11-08 CVE-2016-7858 Use After Free vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-11-08 CVE-2016-7857 Use After Free vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-11-02 CVE-2016-8864 Reachable Assertion vulnerability in multiple products
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
network
low complexity
isc netapp redhat debian CWE-617
7.5
7.5
2016-11-01 CVE-2016-7855 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-10-13 CVE-2016-4286 Improper Access Control vulnerability in multiple products
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
network
low complexity
adobe redhat CWE-284
8.8
8.8
2016-10-13 CVE-2016-7065 Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform 4.0.0/5.0.0
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object.
network
low complexity
redhat CWE-502
8.8
8.8
2016-10-07 CVE-2016-7040 Improper Access Control vulnerability in Redhat Cloudforms Management Engine 4.1
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections.
network
low complexity
redhat CWE-284
8.8
8.8