Enterprise Linux EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-31	CVE-2019-5010	NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. network low complexity python opensuse debian redhat CWE-476	7.5
2019-10-28	CVE-2019-11043	Out-of-bounds Write vulnerability in multiple products In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. network low complexity php canonical debian fedoraproject tenable redhat CWE-787 critical	9.8
2019-10-17	CVE-2019-17631	Improper Privilege Management vulnerability in multiple products From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. network low complexity eclipse redhat CWE-269	6.4
2019-10-17	CVE-2019-14287	Improper Handling of Exceptional Conditions vulnerability in multiple products In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. network low complexity sudo-project fedoraproject debian opensuse canonical netapp redhat CWE-755	8.8
2019-10-16	CVE-2019-2999	Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). network high complexity oracle redhat netapp debian opensuse canonical	4.7
2019-10-16	CVE-2019-2996	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). network high complexity oracle netapp redhat	4.2
2019-10-16	CVE-2019-2992	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). network high complexity oracle redhat netapp debian canonical opensuse	3.7
2019-10-16	CVE-2019-2988	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). network high complexity oracle netapp debian canonical opensuse redhat	3.7
2019-10-16	CVE-2019-2983	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). network high complexity oracle redhat netapp debian opensuse canonical	3.7
2019-10-16	CVE-2019-2981	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). network high complexity oracle redhat netapp debian opensuse canonical	3.7