Redhat Enterprise Linux Desktop vulnerabilities

CVE-2018-1106 [MEDIUM] CWE-287 CVE-2018-1106: An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without a An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.

CVE-2018-2794 [HIGH] CVE-2018-2794: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supporte Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful

CVE-2018-2755 [HIGH] CVE-2018-2755: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Sup Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful a

CVE-2018-2814 [HIGH] CVE-2018-2814: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful

CVE-2018-2783 [HIGH] CVE-2018-2783: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Ja

CVE-2018-2796 [MEDIUM] CVE-2018-2796: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: C Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Ja

CVE-2018-2800 [MEDIUM] CVE-2018-2800: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported ver Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human intera

CVE-2018-2761 [MEDIUM] CVE-2018-2761: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Support Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulne

CVE-2018-2813 [MEDIUM] CVE-2018-2813: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabilit

CVE-2018-2781 [MEDIUM] CVE-2018-2781: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulne

CVE-2018-2795 [MEDIUM] CVE-2018-2795: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE

CVE-2018-2819 [MEDIUM] CVE-2018-2819: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versio Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can

CVE-2018-2797 [MEDIUM] CVE-2018-2797: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Jav

CVE-2018-2815 [MEDIUM] CVE-2018-2815: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja

CVE-2018-2771 [MEDIUM] CVE-2018-2771: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Support Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulne

CVE-2018-2799 [MEDIUM] CVE-2018-2799: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE E

CVE-2018-2817 [MEDIUM] CVE-2018-2817: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabilit

CVE-2018-2798 [MEDIUM] CVE-2018-2798: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: A Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Jav

CVE-2018-2790 [LOW] CVE-2018-2790: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successfu

CVE-2018-10194 [HIGH] CWE-119 CVE-2018-10194: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Gho The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.