Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15440 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-18390 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Leap, Enterprise Linux and 1 more | 2024-11-21 | 7.1 High |
| An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. | ||||
| CVE-2019-18389 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Leap, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | ||||
| CVE-2019-18282 | 4 Debian, Linux, Netapp and 1 more | 21 Debian Linux, Linux Kernel, 8300 and 18 more | 2024-11-21 | 5.3 Medium |
| The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashrnd value remains the same starting from boot time, and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code. | ||||
| CVE-2019-18281 | 3 Debian, Qt, Redhat | 3 Debian Linux, Qtbase, Enterprise Linux | 2024-11-21 | 4.3 Medium |
| An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. | ||||
| CVE-2019-18277 | 2 Haproxy, Redhat | 4 Haproxy, Enterprise Linux, Openshift and 1 more | 2024-11-21 | 7.5 High |
| A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification). | ||||
| CVE-2019-18224 | 2 Gnu, Redhat | 2 Libidn2, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. | ||||
| CVE-2019-18218 | 7 Canonical, Debian, Fedoraproject and 4 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-11-21 | 7.8 High |
| cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). | ||||
| CVE-2019-18197 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-11-21 | 7.5 High |
| In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. | ||||
| CVE-2019-17666 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 8.8 High |
| rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | ||||
| CVE-2019-17639 | 2 Eclipse, Redhat | 3 Openj9, Enterprise Linux, Rhel Extras | 2024-11-21 | 5.3 Medium |
| In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type. | ||||
| CVE-2019-17631 | 2 Eclipse, Redhat | 9 Openj9, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2024-11-21 | 9.1 Critical |
| From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. | ||||
| CVE-2019-17626 | 2 Redhat, Reportlab | 3 Enterprise Linux, Rhel E4s, Reportlab | 2024-11-21 | 9.8 Critical |
| ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code. | ||||
| CVE-2019-17596 | 6 Arista, Debian, Fedoraproject and 3 more | 13 Cloudvision Portal, Eos, Mos and 10 more | 2024-11-21 | 7.5 High |
| Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. | ||||
| CVE-2019-17595 | 3 Gnu, Opensuse, Redhat | 3 Ncurses, Leap, Enterprise Linux | 2024-11-21 | 5.4 Medium |
| There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||||
| CVE-2019-17594 | 3 Gnu, Opensuse, Redhat | 3 Ncurses, Leap, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||||
| CVE-2019-17571 | 7 Apache, Canonical, Debian and 4 more | 26 Bookkeeper, Log4j, Ubuntu Linux and 23 more | 2024-11-21 | 9.8 Critical |
| Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. | ||||
| CVE-2019-17570 | 5 Apache, Canonical, Debian and 2 more | 8 Xml-rpc, Ubuntu Linux, Debian Linux and 5 more | 2024-11-21 | 9.8 Critical |
| An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. | ||||
| CVE-2019-17563 | 6 Apache, Canonical, Debian and 3 more | 14 Tomcat, Ubuntu Linux, Debian Linux and 11 more | 2024-11-21 | 7.5 High |
| When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. | ||||
| CVE-2019-17541 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | 8.8 High |
| ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. | ||||
| CVE-2019-17540 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-11-21 | 8.8 High |
| ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | ||||