Redhat Enterprise_linux_server_eus
262 CVEs affecting Redhat Enterprise_linux_server_eus. Latest disclosed: 2017-12-15. Critical: 37, High: 72.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2015-5740 | Critical | 9.8 | 2017-10-18 | The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smu… |
| CVE-2015-5739 | Critical | 9.8 | 2017-10-18 | The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP requ… |
| CVE-2017-0903 | Critical | 9.8 | 2017-10-11 | RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can byp… |
| CVE-2017-1000116 | Critical | 9.8 | 2017-10-05 | Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. |
| CVE-2017-0899 | Critical | 9.8 | 2017-08-31 | RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specifica… |
| CVE-2017-14064 | Critical | 9.8 | 2017-08-31 | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issue lies in using strdup in ex… |
| CVE-2017-5645 | Critical | 9.8 | 2017-04-17 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially… |
| CVE-2017-5205 | Critical | 9.8 | 2017-01-28 | The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). |
| CVE-2017-5204 | Critical | 9.8 | 2017-01-28 | The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). |
| CVE-2017-5203 | Critical | 9.8 | 2017-01-28 | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). |
| CVE-2017-5202 | Critical | 9.8 | 2017-01-28 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). |
| CVE-2016-6662 | Critical | 9.8 | 2016-09-20 | Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Perco… |
| CVE-2016-4448 | Critical | 9.8 | 2016-06-09 | Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. |
| CVE-2016-0749 | Critical | 9.8 | 2016-06-09 | The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors… |
| CVE-2015-4643 | Critical | 9.8 | 2016-05-16 | Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to e… |
| CVE-2015-4603 | Critical | 9.8 | 2016-05-16 | The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to… |
| CVE-2015-4602 | Critical | 9.8 | 2016-05-16 | The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attacker… |
| CVE-2015-4601 | Critical | 9.8 | 2016-05-16 | PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type… |
| CVE-2015-4600 | Critical | 9.8 | 2016-05-16 | The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (applicati… |
| CVE-2015-4599 | Critical | 9.8 | 2016-05-16 | The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensiti… |