Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-15	CVE-2020-2593	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). network oracle redhat debian canonical opensuse mcafee netapp	5.8
2020-01-15	CVE-2020-2590	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). network oracle redhat debian canonical opensuse mcafee netapp	4.3
2020-01-15	CVE-2020-2583	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). network oracle redhat debian canonical opensuse mcafee netapp	4.3
2020-01-14	CVE-2015-3147	Link Following vulnerability in Redhat products daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt. network low complexity redhat CWE-59	6.5
2020-01-14	CVE-2014-7844	Injection vulnerability in multiple products BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. local low complexity redhat debian bsd-mailx-project CWE-74	7.8
2020-01-13	CVE-2020-6851	Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. network low complexity uclouvain fedoraproject debian redhat oracle CWE-787	7.5
2020-01-08	CVE-2019-17024	Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. network mozilla canonical debian redhat opensuse CWE-787	6.8
2020-01-08	CVE-2019-17022	Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. network mozilla canonical debian redhat CWE-79	4.3
2020-01-08	CVE-2019-17017	Type Confusion vulnerability in Mozilla Firefox and Firefox ESR Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. network mozilla canonical debian redhat CWE-843	6.8
2020-01-08	CVE-2019-17016	Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. network mozilla debian canonical redhat CWE-79	4.3