Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13592 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10871 | 2 Freedesktop, Redhat | 2 Poppler, Enterprise Linux | 2024-08-04 | N/A |
| An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. | ||||
| CVE-2019-10746 | 4 Fedoraproject, Mixin-deep Project, Oracle and 1 more | 5 Fedora, Mixin-deep, Communications Cloud Native Core Network Function Cloud Native Environment and 2 more | 2024-08-04 | 9.8 Critical |
| mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. | ||||
| CVE-2019-10747 | 2 Redhat, Set-value Project | 3 Enterprise Linux, Rhel Software Collections, Set-value | 2024-08-04 | 9.8 Critical |
| set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads. | ||||
| CVE-2019-10639 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-08-04 | N/A |
| The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace. | ||||
| CVE-2019-10650 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-08-04 | N/A |
| In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. | ||||
| CVE-2019-10638 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-08-04 | N/A |
| In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. | ||||
| CVE-2019-10202 | 1 Redhat | 3 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Fuse | 2024-08-04 | 9.8 Critical |
| A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike. | ||||
| CVE-2019-10245 | 2 Eclipse, Redhat | 8 Openj9, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-08-04 | 7.5 High |
| In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load. | ||||
| CVE-2019-10221 | 2 Dogtagpki, Redhat | 3 Dogtagpki, Enterprise Linux, Rhel Eus | 2024-08-04 | 4.3 Medium |
| A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser. | ||||
| CVE-2019-10218 | 3 Fedoraproject, Redhat, Samba | 4 Fedora, Enterprise Linux, Storage and 1 more | 2024-08-04 | 6.5 Medium |
| A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user. | ||||
| CVE-2019-10219 | 3 Netapp, Oracle, Redhat | 199 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 196 more | 2024-08-04 | 6.1 Medium |
| A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. | ||||
| CVE-2019-10192 | 5 Canonical, Debian, Oracle and 2 more | 12 Ubuntu Linux, Debian Linux, Communications Operations Monitor and 9 more | 2024-08-04 | 7.2 High |
| A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. | ||||
| CVE-2019-10216 | 2 Artifex, Redhat | 10 Ghostscript, 3scale Amp, 3scale Api Management and 7 more | 2024-08-04 | 7.8 High |
| In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. | ||||
| CVE-2019-10196 | 3 Fedoraproject, Http-proxy-agent Project, Redhat | 4 Fedora, Http-proxy-agent, Enterprise Linux and 1 more | 2024-08-04 | 9.8 Critical |
| A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker could submit typed input to the auth parameter. | ||||
| CVE-2019-10208 | 2 Postgresql, Redhat | 5 Postgresql, Enterprise Linux, Rhel E4s and 2 more | 2024-08-04 | 8.8 High |
| A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. | ||||
| CVE-2019-10224 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Enterprise Linux | 2024-08-04 | 4.6 Medium |
| A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information. | ||||
| CVE-2019-10197 | 4 Canonical, Debian, Redhat and 1 more | 5 Ubuntu Linux, Debian Linux, Enterprise Linux and 2 more | 2024-08-04 | N/A |
| A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. | ||||
| CVE-2019-10212 | 2 Netapp, Redhat | 9 Active Iq Unified Manager, Enterprise Linux, Jboss Data Grid and 6 more | 2024-08-04 | 9.8 Critical |
| A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files. | ||||
| CVE-2019-10214 | 5 Buildah Project, Libpod Project, Opensuse and 2 more | 7 Buildah, Libpod, Leap and 4 more | 2024-08-04 | 5.9 Medium |
| The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. | ||||
| CVE-2019-10213 | 1 Redhat | 3 Enterprise Linux, Openshift, Openshift Container Platform | 2024-08-04 | 6.5 Medium |
| OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user. | ||||