Vulnerabilities > Redhat > Enterprise Linux Server TUS > High

DATE CVE VULNERABILITY TITLE RISK
2019-07-11 CVE-2019-12527 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 4.0.23 through 4.7.
8.8
2019-07-05 CVE-2019-13313 Information Exposure vulnerability in multiple products
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
local
low complexity
libosinfo fedoraproject redhat CWE-200
7.8
2019-06-25 CVE-2019-12817 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB.
7.0
2019-05-16 CVE-2019-0820 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'.
network
low complexity
microsoft redhat CWE-400
7.5
2019-05-07 CVE-2019-11811 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.4.
local
high complexity
linux redhat opensuse CWE-416
7.0
2019-04-26 CVE-2019-9792 Out-of-bounds Write vulnerability in multiple products
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout.
network
low complexity
mozilla redhat CWE-787
7.5
2019-04-26 CVE-2019-9791 Type Confusion vulnerability in multiple products
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR).
network
low complexity
mozilla redhat CWE-843
7.5
2019-04-26 CVE-2019-9788 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5.
network
low complexity
mozilla redhat CWE-787
7.5
2019-04-23 CVE-2019-2602 Resource Exhaustion vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
7.5
2019-04-23 CVE-2019-0223 While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0.
network
high complexity
apache redhat
7.4