Vulnerabilities > Redhat > Enterprise Linux FOR Scientific Computing

DATE CVE VULNERABILITY TITLE RISK
2019-12-10 CVE-2019-13726 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-119
8.8
2019-12-10 CVE-2019-13725 Use After Free vulnerability in multiple products
Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-416
8.8
2019-10-28 CVE-2019-11043 Out-of-bounds Write vulnerability in multiple products
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
network
low complexity
php canonical debian fedoraproject tenable redhat CWE-787
critical
9.8
2019-02-04 CVE-2019-7317 Use After Free vulnerability in multiple products
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
5.3
2019-01-25 CVE-2018-16881 Integer Overflow or Wraparound vulnerability in multiple products
A denial of service vulnerability was found in rsyslog in the imptcp module.
network
low complexity
rsyslog redhat debian CWE-190
7.5
2019-01-11 CVE-2018-16866 An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. 3.3
2018-01-09 CVE-2017-15129 Race Condition vulnerability in multiple products
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11.
local
high complexity
linux fedoraproject canonical redhat CWE-362
4.7
2017-09-19 CVE-2017-12615 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g.
network
high complexity
apache netapp redhat CWE-434
8.1
2017-08-09 CVE-2015-3405 Insufficient Entropy vulnerability in multiple products
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
7.5
2016-12-22 CVE-2016-9675 Out-of-bounds Write vulnerability in multiple products
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045.
local
low complexity
uclouvain redhat CWE-787
7.8