Shodan
Vulnerabilities
Vulnerable Software
Redhat:  >> Enterprise Linux Server Aus  Security Vulnerabilities
CVE-2016-2107
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
CVSS Score
5.9
EPSS Score
0.789
Published
2016-05-05
CVE-2016-2106
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
CVSS Score
7.5
EPSS Score
0.642
Published
2016-05-05
CVE-2016-2105
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
CVSS Score
7.5
EPSS Score
0.622
Published
2016-05-05
CVE-2016-3427
Known exploited
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CVSS Score
9.8
EPSS Score
0.936
Published
2016-04-21
CVE-2016-0695
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
CVSS Score
5.9
EPSS Score
0.02
Published
2016-04-21
CVE-2016-0651
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CVSS Score
5.5
EPSS Score
0.003
Published
2016-04-21
CVE-2016-0642
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CVSS Score
4.7
EPSS Score
0.004
Published
2016-04-21
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
CVSS Score
8.8
EPSS Score
0.028
Published
2016-04-13
CVE-2016-3068
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
CVSS Score
8.8
EPSS Score
0.051
Published
2016-04-13
CVE-2016-2857
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
CVSS Score
8.4
EPSS Score
0.001
Published
2016-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved