Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13592 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13345 | 3 Debian, Redhat, Squid-cache | 3 Debian Linux, Enterprise Linux, Squid | 2024-08-04 | N/A |
| The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter. | ||||
| CVE-2019-13311 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | ||||
| CVE-2019-13309 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | ||||
| CVE-2019-13306 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 7.8 High |
| ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. | ||||
| CVE-2019-13307 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 7.8 High |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. | ||||
| CVE-2019-13295 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 8.8 High |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. | ||||
| CVE-2019-13313 | 3 Fedoraproject, Libosinfo, Redhat | 6 Fedora, Libosinfo, Enterprise Linux and 3 more | 2024-08-04 | 7.8 High |
| libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. | ||||
| CVE-2019-13297 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 8.8 High |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. | ||||
| CVE-2019-13304 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 7.8 High |
| ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. | ||||
| CVE-2019-13310 | 4 Canonical, Imagemagick, Opensuse and 1 more | 4 Ubuntu Linux, Imagemagick, Leap and 1 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | ||||
| CVE-2019-13272 | 6 Canonical, Debian, Fedoraproject and 3 more | 25 Ubuntu Linux, Debian Linux, Fedora and 22 more | 2024-08-04 | 7.8 High |
| In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments. | ||||
| CVE-2019-13224 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-08-04 | 9.8 Critical |
| A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. | ||||
| CVE-2019-13300 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 8.8 High |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. | ||||
| CVE-2019-13225 | 3 Fedoraproject, Oniguruma Project, Redhat | 3 Fedora, Oniguruma, Enterprise Linux | 2024-08-04 | 6.5 Medium |
| A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. | ||||
| CVE-2019-13233 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-08-04 | N/A |
| In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation. | ||||
| CVE-2019-13232 | 3 Debian, Redhat, Unzip Project | 4 Debian Linux, Enterprise Linux, Rhel Eus and 1 more | 2024-08-04 | 3.3 Low |
| Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue. | ||||
| CVE-2019-13163 | 4 Fujitsu, Microsoft, Oracle and 1 more | 65 Celsius, Celsius Firmware, Gp7000f and 62 more | 2024-08-04 | 5.9 Medium |
| The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15. | ||||
| CVE-2019-13134 | 3 Imagemagick, Opensuse, Redhat | 3 Imagemagick, Leap, Enterprise Linux | 2024-08-04 | 5.5 Medium |
| ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. | ||||
| CVE-2019-13133 | 3 Imagemagick, Opensuse, Redhat | 3 Imagemagick, Leap, Enterprise Linux | 2024-08-04 | 5.5 Medium |
| ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. | ||||
| CVE-2019-13135 | 5 Canonical, Debian, F5 and 2 more | 6 Ubuntu Linux, Debian Linux, Big-ip Application Acceleration Manager and 3 more | 2024-08-04 | 8.8 High |
| ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | ||||