Security Vulnerabilities - CVEs Published In June 2017
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-06-08
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-06-08
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-06-08
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.011
Published
2017-06-08
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
CVSS Score
9.8
EPSS Score
0.03
Published
2017-06-08
The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-06-08
SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-06-08
Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-06-08
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-08
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2017-06-08