Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13592 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-18197 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-08-05 | 7.5 High |
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. | ||||
CVE-2019-17639 | 2 Eclipse, Redhat | 3 Openj9, Enterprise Linux, Rhel Extras | 2024-08-05 | 5.3 Medium |
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type. | ||||
CVE-2019-17666 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-08-05 | 8.8 High |
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | ||||
CVE-2019-17595 | 3 Gnu, Opensuse, Redhat | 3 Ncurses, Leap, Enterprise Linux | 2024-08-05 | 5.4 Medium |
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||||
CVE-2019-17631 | 2 Eclipse, Redhat | 9 Openj9, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2024-08-05 | 9.1 Critical |
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. | ||||
CVE-2019-17626 | 2 Redhat, Reportlab | 3 Enterprise Linux, Rhel E4s, Reportlab | 2024-08-05 | 9.8 Critical |
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code. | ||||
CVE-2019-17596 | 6 Arista, Debian, Fedoraproject and 3 more | 13 Cloudvision Portal, Eos, Mos and 10 more | 2024-08-05 | 7.5 High |
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. | ||||
CVE-2019-17594 | 3 Gnu, Opensuse, Redhat | 3 Ncurses, Leap, Enterprise Linux | 2024-08-05 | 5.3 Medium |
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||||
CVE-2019-17531 | 5 Debian, Fasterxml, Netapp and 2 more | 33 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 30 more | 2024-08-05 | 9.8 Critical |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. | ||||
CVE-2019-17540 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-08-05 | 8.8 High |
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | ||||
CVE-2019-17546 | 3 Libtiff, Osgeo, Redhat | 3 Libtiff, Gdal, Enterprise Linux | 2024-08-05 | 8.8 High |
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition. | ||||
CVE-2019-17541 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-08-05 | 8.8 High |
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. | ||||
CVE-2019-17498 | 6 Debian, Fedoraproject, Libssh2 and 3 more | 13 Debian Linux, Fedora, Libssh2 and 10 more | 2024-08-05 | 8.1 High |
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. | ||||
CVE-2019-17570 | 5 Apache, Canonical, Debian and 2 more | 8 Xml-rpc, Ubuntu Linux, Debian Linux and 5 more | 2024-08-05 | 9.8 Critical |
An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. | ||||
CVE-2019-17571 | 7 Apache, Canonical, Debian and 4 more | 26 Bookkeeper, Log4j, Ubuntu Linux and 23 more | 2024-08-05 | 9.8 Critical |
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. | ||||
CVE-2019-17563 | 6 Apache, Canonical, Debian and 3 more | 14 Tomcat, Ubuntu Linux, Debian Linux and 11 more | 2024-08-05 | 7.5 High |
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. | ||||
CVE-2019-17450 | 4 Canonical, Gnu, Opensuse and 1 more | 4 Ubuntu Linux, Binutils, Leap and 1 more | 2024-08-05 | 6.5 Medium |
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | ||||
CVE-2019-17451 | 4 Canonical, Gnu, Opensuse and 1 more | 4 Ubuntu Linux, Binutils, Leap and 1 more | 2024-08-05 | 6.5 Medium |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. | ||||
CVE-2019-17402 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-08-05 | 6.5 Medium |
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. | ||||
CVE-2019-17400 | 2 Redhat, Universal Office Converter Project | 2 Enterprise Linux, Universal Office Converter | 2024-08-05 | 7.5 High |
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. |