Enterprise Linux EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-15	CVE-2019-11833	Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. local low complexity linux fedoraproject debian canonical redhat CWE-908	5.5
2019-05-10	CVE-2019-11884	The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. local low complexity linux fedoraproject debian canonical redhat opensuse	3.3
2019-04-26	CVE-2019-9810	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. network low complexity mozilla redhat CWE-119	8.8
2019-04-26	CVE-2019-9792	Out-of-bounds Write vulnerability in multiple products The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. network low complexity mozilla redhat CWE-787 critical	9.8
2019-04-26	CVE-2019-9791	Type Confusion vulnerability in multiple products The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). network low complexity mozilla redhat CWE-843 critical	9.8
2019-04-26	CVE-2019-9788	Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. network low complexity mozilla redhat CWE-787 critical	9.8
2019-04-23	CVE-2019-2698	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). network high complexity oracle redhat debian opensuse canonical hp	8.1
2019-04-23	CVE-2019-2697	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). network high complexity oracle canonical redhat hp	8.1
2019-04-23	CVE-2019-2695	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle redhat	6.5
2019-04-23	CVE-2019-2694	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle redhat	6.5