Vulnerabilities > Redhat > Enterprise Linux EUS > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-03 | CVE-2023-3961 | Path Traversal vulnerability in multiple products A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. | 9.8 |
2020-02-07 | CVE-2019-15605 | HTTP Request Smuggling vulnerability in multiple products HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed | 9.8 |
2020-02-07 | CVE-2019-15606 | Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons | 9.8 |
2019-10-28 | CVE-2019-11043 | Out-of-bounds Write vulnerability in multiple products In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. | 9.8 |
2019-10-17 | CVE-2019-17631 | Improper Privilege Management vulnerability in multiple products From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. | 9.1 |
2019-07-19 | CVE-2019-1010238 | Out-of-bounds Write vulnerability in multiple products Gnome Pango 1.42 and later is affected by: Buffer Overflow. | 9.8 |
2019-06-14 | CVE-2019-10126 | A flaw was found in the Linux kernel. | 9.8 |
2019-06-07 | CVE-2019-10160 | A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. | 9.8 |
2019-06-03 | CVE-2019-11356 | Out-of-bounds Write vulnerability in multiple products The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. | 9.8 |
2019-05-29 | CVE-2019-12450 | Incorrect Default Permissions vulnerability in multiple products file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. | 9.8 |