Redhat: >> Enterprise Linux >> 6.0 Security Vulnerabilities
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.351
Published
2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.02
Published
2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.02
Published
2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.016
Published
2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.02
Published
2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.018
Published
2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.02
Published
2017-05-09
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.94
Published
2017-04-17
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-04-12
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities
CVSS Score
3.3
EPSS Score
0.001
Published
2017-03-03