Vulnerabilities > Redhat > Enterprise Linux Server AUS

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2019-2587 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition).
network
low complexity
oracle fedoraproject redhat
4.9
2019-04-23 CVE-2019-2585 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle fedoraproject redhat
4.9
2019-04-23 CVE-2019-2584 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle fedoraproject redhat
4.9
2019-04-23 CVE-2019-2581 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical fedoraproject redhat
4.9
2019-04-23 CVE-2019-2580 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle fedoraproject redhat
4.9
2019-04-23 CVE-2019-0223 While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0.
network
high complexity
apache redhat
7.4
2019-04-22 CVE-2019-11459 Use of Uninitialized Resource vulnerability in multiple products
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
5.5
2019-04-22 CVE-2019-11235 Insufficient Verification of Data Authenticity vulnerability in multiple products
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
network
low complexity
freeradius fedoraproject redhat canonical opensuse CWE-345
critical
9.8
2019-04-18 CVE-2018-16877 A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. 7.8
2019-04-11 CVE-2019-3460 Improper Input Validation vulnerability in multiple products
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
6.5