Vulnerabilities > Redhat > Enterprise Linux Server EUS

DATE CVE VULNERABILITY TITLE RISK
2019-03-26 CVE-2019-3878 Improper Authentication vulnerability in multiple products
A vulnerability was found in mod_auth_mellon before v0.14.2.
8.1
2019-03-25 CVE-2019-3857 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed.
8.8
2019-03-25 CVE-2019-3856 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed.
8.8
2019-03-25 CVE-2019-3838 It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27.
local
low complexity
artifex redhat fedoraproject opensuse debian
5.5
2019-03-25 CVE-2019-3835 Missing Authorization vulnerability in multiple products
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27.
5.5
2019-03-25 CVE-2019-3863 Out-of-bounds Write vulnerability in multiple products
A flaw was found in libssh2 before 1.8.1.
network
low complexity
libssh2 debian netapp opensuse redhat CWE-787
8.8
2019-03-23 CVE-2019-9948 Path Traversal vulnerability in multiple products
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
network
low complexity
python opensuse debian fedoraproject canonical redhat CWE-22
critical
9.1
2019-03-21 CVE-2019-3855 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server.
8.8
2019-03-21 CVE-2019-7221 Use After Free vulnerability in multiple products
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
7.8
2019-03-21 CVE-2019-6454 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in sd-bus in systemd 239.
5.5