Vulnerabilities > Redhat > Enterprise Linux Server AUS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-31 | CVE-2019-5010 | NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. | 7.5 |
| 2019-10-17 | CVE-2019-14287 | Improper Handling of Exceptional Conditions vulnerability in multiple products In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. | 8.8 |
| 2019-10-14 | CVE-2019-14823 | Improperly Implemented Security Check for Standard vulnerability in multiple products A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. | 7.4 |
| 2019-09-25 | CVE-2019-16884 | Incorrect Authorization vulnerability in multiple products runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. | 7.5 |
| 2019-09-20 | CVE-2019-14816 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
| 2019-09-20 | CVE-2019-14814 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
| 2019-09-19 | CVE-2019-14821 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. | 8.8 |
| 2019-09-17 | CVE-2019-14835 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. | 7.8 |
| 2019-08-20 | CVE-2019-10086 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. | 7.3 |
| 2019-07-30 | CVE-2018-16871 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. | 7.5 |