Vulnerabilities > Redhat > Enterprise Linux Server AUS > 8.4

DATE CVE VULNERABILITY TITLE RISK
2019-07-22 CVE-2019-9959 Integer Overflow or Wraparound vulnerability in multiple products
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
network
low complexity
freedesktop debian fedoraproject redhat CWE-190
6.5
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
9.8
2019-07-11 CVE-2019-12527 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 4.0.23 through 4.7.
8.8
2019-07-11 CVE-2019-10193 Out-of-bounds Write vulnerability in multiple products
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4.
network
low complexity
redislabs redhat debian canonical oracle CWE-787
7.2
2019-07-11 CVE-2019-10192 Out-of-bounds Write vulnerability in multiple products
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4.
network
low complexity
redislabs redhat debian canonical oracle CWE-787
7.2
2019-07-05 CVE-2019-13313 Information Exposure vulnerability in multiple products
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
local
low complexity
libosinfo fedoraproject redhat CWE-200
7.8
2019-06-25 CVE-2019-12817 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB.
7.0
2019-06-05 CVE-2019-9755 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An integer underflow issue exists in ntfs-3g 2017.3.23.
local
high complexity
tuxera redhat CWE-191
7.0
2019-06-03 CVE-2019-11356 Out-of-bounds Write vulnerability in multiple products
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
network
low complexity
cyrus fedoraproject debian canonical redhat CWE-787
critical
9.8
2019-05-29 CVE-2019-12450 Incorrect Default Permissions vulnerability in multiple products
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress.
network
low complexity
gnome debian redhat canonical opensuse fedoraproject CWE-276
critical
9.8