Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2019-17016	Cross-site Scripting vulnerability in multiple products When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. network low complexity mozilla debian canonical redhat CWE-79	6.1
2020-01-08	CVE-2019-11745	Out-of-bounds Write vulnerability in multiple products When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. network low complexity mozilla opensuse canonical debian redhat siemens CWE-787	8.8
2019-12-19	CVE-2019-19906	Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. network low complexity cyrusimap debian canonical fedoraproject redhat apple apache CWE-193	7.5
2019-12-18	CVE-2018-1311	Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. network high complexity apache redhat debian oracle fedoraproject CWE-416	8.1
2019-12-10	CVE-2019-13734	Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat canonical suse opensuse debian oracle CWE-787	8.8
2019-12-06	CVE-2019-5544	Out-of-bounds Write vulnerability in multiple products OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. network low complexity vmware redhat openslp fedoraproject CWE-787 critical	9.8
2019-11-27	CVE-2019-10216	In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat	7.8
2019-11-25	CVE-2019-14815	A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. local low complexity linux redhat netapp	7.8
2019-11-14	CVE-2018-12207	Improper Input Validation vulnerability in multiple products Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. local low complexity intel debian opensuse fedoraproject canonical f5 redhat oracle CWE-20	6.5
2019-11-14	CVE-2019-11135	TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local low complexity opensuse fedoraproject slackware hp intel canonical debian redhat oracle	6.5