Redhat Enterprise Linux Eus vulnerabilities
780 known vulnerabilities affecting redhat/enterprise_linux_eus.
Total CVEs
780
CISA KEV
38
actively exploited
Public exploits
57
Exploited in wild
44
Severity breakdown
CRITICAL156HIGH205MEDIUM352LOW67
Vulnerabilities
Page 21 of 39
CVE-2016-9843CRITICALCVSS 9.8v7.4v7.52017-05-23
CVE-2016-9843 [CRITICAL] CVE-2016-9843: The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unsp
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
nvd
CVE-2016-9842HIGHCVSS 8.8v7.4v7.52017-05-23
CVE-2016-9842 [HIGH] CWE-1335 CVE-2016-9842: The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
nvd
CVE-2016-9840HIGHCVSS 8.8v7.4v7.52017-05-23
CVE-2016-9840 [HIGH] CVE-2016-9840: inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by lever
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
nvd
CVE-2017-8291HIGHCVSS 7.8KEVPoCv7.3v7.4+3 more2017-04-27
CVE-2017-8291 [HIGH] CWE-843 CVE-2017-8291: Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdpa
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
nvd
CVE-2017-3309HIGHCVSS 7.7v7.4v7.5+2 more2017-04-24
CVE-2017-3309 [HIGH] CVE-2017-3309: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is
nvd
CVE-2017-3308HIGHCVSS 7.7v7.4v7.5+2 more2017-04-24
CVE-2017-3308 [HIGH] CVE-2017-3308: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported v
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MyS
nvd
CVE-2017-3456MEDIUMCVSS 4.9v7.4v7.5+2 more2017-04-24
CVE-2017-3456 [MEDIUM] CVE-2017-3456: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported v
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vul
nvd
CVE-2017-3453MEDIUMCVSS 6.5v7.4v7.5+2 more2017-04-24
CVE-2017-3453 [MEDIUM] CVE-2017-3453: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi
nvd
CVE-2016-1908CRITICALCVSS 9.8v7.2v7.3+4 more2017-04-11
CVE-2016-1908 [CRITICAL] CWE-287 CVE-2016-1908: The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding an
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SEC
nvd
CVE-2016-5011MEDIUMCVSS 4.6v7.3v7.4+3 more2017-04-11
CVE-2016-5011 [MEDIUM] CVE-2016-5011: The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows phy
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
nvd
CVE-2015-8896MEDIUMCVSS 6.5v7.2v7.3+4 more2017-03-15
CVE-2015-8896 [MEDIUM] CVE-2015-8896: Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to c
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
nvd
CVE-2016-9560HIGHCVSS 7.8v7.3v7.4+3 more2017-02-15
CVE-2016-9560 [HIGH] CWE-787 CVE-2016-9560: Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
nvd
CVE-2017-5848HIGHCVSS 7.5v7.4v7.5+2 more2017-02-09
CVE-2017-5848 [HIGH] CWE-125 CVE-2017-5848: The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
nvd
CVE-2017-3243MEDIUMCVSS 4.4v7.4v7.5+2 more2017-01-27
CVE-2017-3243 [MEDIUM] CVE-2017-3243: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Suppor
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized
nvd
CVE-2017-3258MEDIUMCVSS 6.5v7.4v7.5+2 more2017-01-27
CVE-2017-3258 [MEDIUM] CWE-20 CVE-2017-3258: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
nvd
CVE-2017-3244MEDIUMCVSS 6.5v7.4v7.5+2 more2017-01-27
CVE-2017-3244 [MEDIUM] CVE-2017-3244: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported v
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner
nvd
CVE-2017-3313MEDIUMCVSS 4.7v6.52017-01-27
CVE-2017-3313 [MEDIUM] CVE-2017-3313: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supporte
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful
nvd
CVE-2017-3265MEDIUMCVSS 5.6v7.4v7.5+2 more2017-01-27
CVE-2017-3265 [MEDIUM] CVE-2017-3265: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Succes
nvd
CVE-2017-3291MEDIUMCVSS 6.3v7.4v7.5+2 more2017-01-27
CVE-2017-3291 [MEDIUM] CVE-2017-3291: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Succes
nvd
CVE-2017-3318MEDIUMCVSS 4.0v7.4v7.5+2 more2017-01-27
CVE-2017-3318 [MEDIUM] CVE-2017-3318: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling).
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Su
nvd