Vulnerabilities > Redhat > Enterprise Linux EUS

DATE CVE VULNERABILITY TITLE RISK
2019-10-31 CVE-2019-5010 NULL Pointer Dereference vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6.
network
low complexity
python opensuse debian redhat CWE-476
7.5
2019-10-28 CVE-2019-11043 Out-of-bounds Write vulnerability in multiple products
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
network
low complexity
php canonical debian fedoraproject tenable redhat CWE-787
critical
9.8
2019-10-17 CVE-2019-17631 Improper Privilege Management vulnerability in multiple products
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.
network
low complexity
eclipse redhat CWE-269
critical
9.1
2019-10-17 CVE-2019-14287 Improper Handling of Exceptional Conditions vulnerability in multiple products
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID.
8.8
2019-10-16 CVE-2019-2999 Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc).
network
high complexity
oracle redhat netapp debian opensuse canonical
4.7
2019-10-16 CVE-2019-2996 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment).
network
high complexity
oracle netapp redhat
4.2
2019-10-16 CVE-2019-2992 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D).
network
high complexity
oracle redhat netapp debian canonical opensuse
3.7
2019-10-16 CVE-2019-2988 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D).
network
high complexity
oracle netapp debian canonical opensuse redhat
3.7
2019-10-16 CVE-2019-2983 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
network
high complexity
oracle redhat netapp debian opensuse canonical
3.7
2019-10-16 CVE-2019-2981 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP).
network
high complexity
oracle redhat netapp debian opensuse canonical
3.7