Vulnerabilities > Redhat > Enterprise Linux Server TUS > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-14 | CVE-2019-14823 | Improperly Implemented Security Check for Standard vulnerability in multiple products A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. | 7.4 |
2019-09-25 | CVE-2019-16884 | Incorrect Authorization vulnerability in multiple products runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. | 7.5 |
2019-09-20 | CVE-2019-14816 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
2019-09-20 | CVE-2019-14814 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
2019-09-19 | CVE-2019-14821 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. | 8.8 |
2019-09-17 | CVE-2019-14835 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. | 7.8 |
2019-08-20 | CVE-2019-10086 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. | 7.3 |
2019-07-30 | CVE-2018-16871 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. | 7.5 |
2019-07-23 | CVE-2019-2800 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). | 7.1 |
2019-07-16 | CVE-2019-13616 | Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | 8.1 |