Vulnerabilities > Redhat > Enterprise Linux EUS > 8.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2019-2739 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). | 5.1 |
| 2019-07-23 | CVE-2019-2738 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). | 3.1 |
| 2019-07-22 | CVE-2019-9959 | Integer Overflow or Wraparound vulnerability in multiple products The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. | 6.5 |
| 2019-07-11 | CVE-2019-12527 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 4.0.23 through 4.7. | 8.8 |
| 2019-07-05 | CVE-2019-13313 | Information Exposure vulnerability in multiple products libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. | 7.8 |
| 2019-05-29 | CVE-2019-12450 | Incorrect Default Permissions vulnerability in multiple products file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. | 9.8 |
| 2019-05-16 | CVE-2019-0820 | Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. | 7.5 |
| 2019-05-15 | CVE-2019-11833 | Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | 5.5 |
| 2019-05-10 | CVE-2019-11884 | The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | 3.3 |
| 2019-04-23 | CVE-2019-2698 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). | 8.1 |