Enterprise Linux EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-14	CVE-2020-0602	Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. network low complexity microsoft redhat CWE-400	5.0
2020-01-13	CVE-2020-6851	Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. network low complexity uclouvain fedoraproject debian redhat oracle CWE-787	7.5
2020-01-08	CVE-2019-17024	Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. network mozilla canonical debian redhat opensuse CWE-787	6.8
2019-12-19	CVE-2019-19906	Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. network low complexity cyrusimap debian canonical fedoraproject redhat apple apache CWE-193	7.5
2019-12-18	CVE-2018-1311	Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. network high complexity apache redhat debian oracle fedoraproject CWE-416	8.1
2019-12-13	CVE-2019-16777	Improper Privilege Management vulnerability in multiple products Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. network low complexity npmjs opensuse oracle fedoraproject redhat CWE-269	6.5
2019-12-13	CVE-2019-16776	Path Traversal vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. network low complexity npmjs opensuse oracle fedoraproject redhat CWE-22	8.1
2019-12-13	CVE-2019-16775	UNIX Symbolic Link (Symlink) Following vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. network low complexity redhat npmjs opensuse oracle fedoraproject CWE-61	6.5
2019-12-10	CVE-2019-13734	Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat canonical suse opensuse debian oracle CWE-787	8.8
2019-11-14	CVE-2019-11135	TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local low complexity opensuse fedoraproject slackware hp intel canonical debian redhat oracle	6.5