Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13592 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-20446 | 7 Canonical, Debian, Fedoraproject and 4 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-08-05 | 6.5 Medium |
| In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially. | ||||
| CVE-2019-20454 | 4 Fedoraproject, Pcre, Redhat and 1 more | 4 Fedora, Pcre2, Enterprise Linux and 1 more | 2024-08-05 | 7.5 High |
| An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c. | ||||
| CVE-2019-20397 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 8.8 High |
| A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution. | ||||
| CVE-2019-20421 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-08-05 | 7.5 High |
| In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | ||||
| CVE-2019-20393 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 8.8 High |
| A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution. | ||||
| CVE-2019-20386 | 6 Canonical, Fedoraproject, Netapp and 3 more | 9 Ubuntu Linux, Fedora, Active Iq Unified Manager and 6 more | 2024-08-05 | 2.4 Low |
| An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur. | ||||
| CVE-2019-20388 | 7 Debian, Fedoraproject, Netapp and 4 more | 34 Debian Linux, Fedora, Cloud Backup and 31 more | 2024-08-05 | 7.5 High |
| xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. | ||||
| CVE-2019-20395 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 6.5 Medium |
| A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash. | ||||
| CVE-2019-20387 | 3 Debian, Opensuse, Redhat | 3 Debian Linux, Libsolv, Enterprise Linux | 2024-08-05 | 7.5 High |
| repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. | ||||
| CVE-2019-20330 | 5 Debian, Fasterxml, Netapp and 2 more | 40 Debian Linux, Jackson-databind, Active Iq Unified Manager and 37 more | 2024-08-05 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. | ||||
| CVE-2019-20394 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 8.8 High |
| A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution. | ||||
| CVE-2019-20396 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 6.5 Medium |
| A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing. | ||||
| CVE-2019-20398 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 6.5 Medium |
| A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash. | ||||
| CVE-2019-20382 | 5 Canonical, Debian, Opensuse and 2 more | 7 Ubuntu Linux, Debian Linux, Leap and 4 more | 2024-08-05 | 3.5 Low |
| QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. | ||||
| CVE-2019-20391 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 6.5 Medium |
| An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash. | ||||
| CVE-2019-20218 | 5 Canonical, Debian, Oracle and 2 more | 5 Ubuntu Linux, Debian Linux, Mysql Workbench and 2 more | 2024-08-05 | 7.5 High |
| selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | ||||
| CVE-2019-20372 | 6 Apple, Canonical, F5 and 3 more | 8 Xcode, Ubuntu Linux, Nginx and 5 more | 2024-08-05 | 5.3 Medium |
| NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. | ||||
| CVE-2019-20392 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2024-08-05 | 6.5 Medium |
| An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash. | ||||
| CVE-2019-20095 | 4 Linux, Netapp, Opensuse and 1 more | 21 Linux Kernel, 8300, 8300 Firmware and 18 more | 2024-08-05 | 5.5 Medium |
| mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. | ||||
| CVE-2019-20054 | 3 Linux, Netapp, Redhat | 19 Linux Kernel, 8300, 8300 Firmware and 16 more | 2024-08-05 | 5.5 Medium |
| In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | ||||