Enterprise Linux Server TUS

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-25	CVE-2019-3838	It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. local low complexity artifex redhat fedoraproject opensuse debian	5.5
2019-03-25	CVE-2019-3835	Missing Authorization vulnerability in multiple products It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. local low complexity artifex redhat fedoraproject debian opensuse CWE-862	5.5
2019-03-25	CVE-2019-3863	Out-of-bounds Write vulnerability in multiple products A flaw was found in libssh2 before 1.8.1. network low complexity libssh2 debian netapp opensuse redhat CWE-787	8.8
2019-03-21	CVE-2019-3855	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. network low complexity libssh2 fedoraproject debian netapp redhat opensuse apple oracle CWE-190	8.8
2019-03-21	CVE-2019-9903	Out-of-bounds Write vulnerability in multiple products PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. network low complexity freedesktop fedoraproject debian canonical redhat CWE-787	6.5
2019-03-21	CVE-2019-7222	The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. local low complexity linux fedoraproject opensuse debian canonical netapp redhat	5.5
2019-03-21	CVE-2019-7221	Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. local low complexity linux opensuse fedoraproject debian canonical netapp redhat CWE-416	7.8
2019-03-21	CVE-2019-6454	Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787	5.5
2019-03-21	CVE-2019-6116	In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. local low complexity artifex fedoraproject canonical debian opensuse redhat	7.8
2019-03-14	CVE-2019-3816	Path Traversal vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. network low complexity openwsman-project redhat fedoraproject opensuse CWE-22	7.5