Vulnerabilities > Redhat > Enterprise Linux EUS > 8.6

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-18	CVE-2018-16877	A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. local low complexity clusterlabs canonical fedoraproject debian opensuse redhat	7.8
2019-03-23	CVE-2019-9948	Path Traversal vulnerability in multiple products urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. network low complexity python opensuse debian fedoraproject canonical redhat CWE-22 critical	9.1
2019-03-21	CVE-2019-9903	Out-of-bounds Write vulnerability in multiple products PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. network low complexity freedesktop fedoraproject debian canonical redhat CWE-787	6.5
2019-03-21	CVE-2019-7222	The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. local low complexity linux fedoraproject opensuse debian canonical netapp redhat	5.5
2019-03-08	CVE-2019-9636	Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. network low complexity python fedoraproject opensuse debian canonical redhat oracle critical	9.8
2019-02-09	CVE-2019-7664	Out-of-bounds Write vulnerability in multiple products In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. local low complexity elfutils-project redhat CWE-787	5.5
2019-02-05	CVE-2018-18506	When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. network high complexity mozilla canonical debian redhat opensuse	5.9
2019-01-31	CVE-2019-6111	Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens CWE-22	5.9
2019-01-31	CVE-2019-6109	Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu CWE-116	6.8
2019-01-16	CVE-2019-2539	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). network low complexity oracle netapp redhat	4.9