Vulnerabilities > Redhat > Enterprise Linux Server AUS > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-08 CVE-2019-17017 Type Confusion vulnerability in multiple products
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash.
network
low complexity
mozilla canonical debian redhat CWE-843
8.8
2020-01-08 CVE-2019-11745 Out-of-bounds Write vulnerability in multiple products
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur.
8.8
2019-12-19 CVE-2019-19906 Off-by-one Error vulnerability in multiple products
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.
7.5
2019-12-18 CVE-2018-1311 Use After Free vulnerability in multiple products
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs.
network
high complexity
apache redhat debian oracle fedoraproject CWE-416
8.1
2019-12-10 CVE-2019-13734 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2019-11-27 CVE-2019-10216 In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
local
low complexity
artifex redhat
7.8
2019-11-25 CVE-2019-14815 A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
local
low complexity
linux redhat netapp
7.8
2019-11-14 CVE-2019-0155 Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
redhat intel canonical
7.8
2019-11-04 CVE-2017-5333 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
7.8
2019-11-04 CVE-2017-5332 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
7.8