Vulnerabilities > Redhat > Enterprise Linux Server AUS > 8.4

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-16	CVE-2019-2503	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). high complexity oracle mariadb netapp canonical redhat	6.4
2019-01-16	CVE-2019-2481	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle canonical netapp mariadb redhat	4.9
2019-01-16	CVE-2019-2455	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). network low complexity oracle canonical mariadb netapp redhat	6.5
2019-01-16	CVE-2019-2436	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network low complexity oracle netapp redhat	5.5
2019-01-16	CVE-2019-2434	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). network low complexity oracle canonical netapp redhat	6.5
2019-01-16	CVE-2019-2420	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle canonical netapp redhat	4.9
2019-01-10	CVE-2018-20685	Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . network high complexity openbsd winscp netapp debian canonical redhat oracle fujitsu siemens CWE-863	5.3
2019-01-03	CVE-2018-20662	Improper Input Validation vulnerability in multiple products In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. network low complexity freedesktop debian fedoraproject canonical redhat CWE-20	6.5
2019-01-01	CVE-2018-20650	Improper Input Validation vulnerability in multiple products A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. network low complexity freedesktop canonical debian redhat CWE-20	6.5
2018-11-28	CVE-2018-12121	Resource Exhaustion vulnerability in multiple products Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. network low complexity nodejs redhat CWE-400	7.5