Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Subscriptions
Total 15440 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-11039 4 Debian, Opensuse, Php and 1 more 6 Debian Linux, Leap, Php and 3 more 2024-11-21 9.1 Critical
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
CVE-2019-11038 8 Canonical, Debian, Fedoraproject and 5 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2024-11-21 5.3 Medium
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
CVE-2019-11036 6 Canonical, Debian, Fedoraproject and 3 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 9.1 Critical
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
CVE-2019-11035 6 Canonical, Debian, Netapp and 3 more 8 Ubuntu Linux, Debian Linux, Storage Automation Store and 5 more 2024-11-21 9.1 Critical
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
CVE-2019-11034 6 Canonical, Debian, Netapp and 3 more 8 Ubuntu Linux, Debian Linux, Storage Automation Store and 5 more 2024-11-21 9.1 Critical
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
CVE-2019-10906 5 Canonical, Fedoraproject, Opensuse and 2 more 9 Ubuntu Linux, Fedora, Leap and 6 more 2024-11-21 8.6 High
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
CVE-2019-10871 2 Freedesktop, Redhat 2 Poppler, Enterprise Linux 2024-11-21 N/A
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
CVE-2019-10747 2 Redhat, Set-value Project 3 Enterprise Linux, Rhel Software Collections, Set-value 2024-11-21 9.8 Critical
set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads.
CVE-2019-10746 4 Fedoraproject, Mixin-deep Project, Oracle and 1 more 5 Fedora, Mixin-deep, Communications Cloud Native Core Network Function Cloud Native Environment and 2 more 2024-11-21 9.8 Critical
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
CVE-2019-10650 3 Debian, Imagemagick, Redhat 3 Debian Linux, Imagemagick, Enterprise Linux 2024-11-21 N/A
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
CVE-2019-10639 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 N/A
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.
CVE-2019-10638 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt 2024-11-21 N/A
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
CVE-2019-10245 2 Eclipse, Redhat 8 Openj9, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 7.5 High
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.
CVE-2019-10224 2 Fedoraproject, Redhat 2 389 Directory Server, Enterprise Linux 2024-11-21 4.6 Medium
A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.
CVE-2019-10221 2 Dogtagpki, Redhat 3 Dogtagpki, Enterprise Linux, Rhel Eus 2024-11-21 4.3 Medium
A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.
CVE-2019-10218 3 Fedoraproject, Redhat, Samba 4 Fedora, Enterprise Linux, Storage and 1 more 2024-11-21 6.5 Medium
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
CVE-2019-10216 2 Artifex, Redhat 10 Ghostscript, 3scale Amp, 3scale Api Management and 7 more 2024-11-21 7.8 High
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
CVE-2019-10214 5 Buildah Project, Libpod Project, Opensuse and 2 more 7 Buildah, Libpod, Leap and 4 more 2024-11-21 5.9 Medium
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.
CVE-2019-10213 1 Redhat 3 Enterprise Linux, Openshift, Openshift Container Platform 2024-11-21 6.5 Medium
OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.
CVE-2019-10212 2 Netapp, Redhat 9 Active Iq Unified Manager, Enterprise Linux, Jboss Data Grid and 6 more 2024-11-21 9.8 Critical
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.