Enterprise Linux Server Tus Security Vulnerabilities and Issues — Enterprise Linux Server Tus CVE List

Lucene search

RedhatEnterprise Linux Server Tus

8 matches found

CVE•added 2018/07/06 2:29 p.m.•604 views

CVE-2018-13405

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigge...

7.8CVSS6.5AI score0.00157EPSS

CVE•added 2018/07/18 1:29 p.m.•363 views

CVE-2018-2952

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated at...

4.3CVSS4AI score0.0005EPSS

CVE•added 2018/07/10 9:29 p.m.•285 views

CVE-2018-3693

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

5.6CVSS6.3AI score0.01192EPSS

CVE•added 2018/07/26 7:29 p.m.•260 views

CVE-2017-18344

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applic...

5.5CVSS6.1AI score0.09371EPSS

CVE•added 2018/07/18 1:29 p.m.•259 views

CVE-2018-2767

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multi...

3.5CVSS3.6AI score0.00383EPSS

CVE•added 2018/07/17 5:29 p.m.•246 views

CVE-2018-14362

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.

9.8CVSS9.1AI score0.0268EPSS

CVE•added 2018/07/17 5:29 p.m.•223 views

CVE-2018-14354

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.

9.8CVSS9.7AI score0.04737EPSS

CVE•added 2018/07/17 5:29 p.m.•218 views

CVE-2018-14357

9.8CVSS9.7AI score0.02785EPSS