Vulnerabilities > Redhat > Enterprise Linux EUS > 7.7

DATE CVE VULNERABILITY TITLE RISK
2021-11-23 CVE-2021-3672 Cross-site Scripting vulnerability in multiple products
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. 		5.6
5.6
2020-02-07 CVE-2019-15605 HTTP Request Smuggling vulnerability in multiple products
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
network
low complexity
nodejs debian fedoraproject opensuse redhat oracle CWE-444
critical
 9.8
9.8
2020-01-15 CVE-2020-2659 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). 4.3
4.3
2020-01-15 CVE-2020-2654 Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). 4.3
4.3
2020-01-15 CVE-2020-2604 Deserialization of Untrusted Data vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). 		8.1
8.1
2020-01-15 CVE-2020-2601 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). 4.3
4.3
2020-01-15 CVE-2020-2593 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). 5.8
5.8
2020-01-15 CVE-2020-2590 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). 4.3
4.3
2020-01-15 CVE-2020-2583 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). 4.3
4.3
2020-01-13 CVE-2020-6851 Out-of-bounds Write vulnerability in multiple products
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. 		7.5
7.5