Vulnerabilities > Redhat > Enterprise Linux EUS > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-13 CVE-2019-9514 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.
7.5
2019-07-30 CVE-2018-16871 A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20.
network
low complexity
linux redhat netapp
7.5
2019-07-23 CVE-2019-2800 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle redhat
7.1
2019-07-16 CVE-2019-13616 Out-of-bounds Read vulnerability in multiple products
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
8.1
2019-07-11 CVE-2019-12527 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 4.0.23 through 4.7.
8.8
2019-07-11 CVE-2019-10193 Out-of-bounds Write vulnerability in multiple products
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4.
network
low complexity
redislabs redhat debian canonical oracle CWE-787
7.2
2019-07-11 CVE-2019-10192 Out-of-bounds Write vulnerability in multiple products
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4.
network
low complexity
redislabs redhat debian canonical oracle CWE-787
7.2
2019-07-05 CVE-2019-13313 Information Exposure vulnerability in multiple products
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
local
low complexity
libosinfo fedoraproject redhat CWE-200
7.8
2019-06-25 CVE-2019-12817 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB.
7.0
2019-06-19 CVE-2019-11478 Resource Exhaustion vulnerability in multiple products
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences.
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-400
7.5