Redhat Enterprise_linux_server_aus
412 CVEs affecting Redhat Enterprise_linux_server_aus. Latest disclosed: 2026-03-31. Critical: 52, High: 97.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-5740 | Critical | 9.8 | 2017-10-18 | The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smu… |
CVE-2015-5739 | Critical | 9.8 | 2017-10-18 | The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP requ… |
CVE-2017-0903 | Critical | 9.8 | 2017-10-11 | RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can byp… |
CVE-2017-15041 | Critical | 9.8 | 2017-10-05 | Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg… |
CVE-2017-1000116 | Critical | 9.8 | 2017-10-05 | Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. |
CVE-2017-12987 | Critical | 9.8 | 2017-09-14 | The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). |
CVE-2017-12902 | Critical | 9.8 | 2017-09-14 | The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. |
CVE-2017-12899 | Critical | 9.8 | 2017-09-14 | The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). |
CVE-2017-12896 | Critical | 9.8 | 2017-09-14 | The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). |
CVE-2017-0899 | Critical | 9.8 | 2017-08-31 | RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specifica… |
CVE-2017-14064 | Critical | 9.8 | 2017-08-31 | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ex… |
CVE-2017-3167 | Critical | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may l… |
CVE-2017-5645 | Critical | 9.8 | 2017-04-17 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially… |
CVE-2016-1908 | Critical | 9.8 | 2017-04-11 | The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisio… |
CVE-2017-5205 | Critical | 9.8 | 2017-01-28 | The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). |
CVE-2017-5204 | Critical | 9.8 | 2017-01-28 | The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). |
CVE-2017-5203 | Critical | 9.8 | 2017-01-28 | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). |
CVE-2017-5202 | Critical | 9.8 | 2017-01-28 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). |
CVE-2016-6662 | Critical | 9.8 | 2016-09-20 | Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Perco… |
CVE-2016-4448 | Critical | 9.8 | 2016-06-09 | Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. |