Vulnerabilities > Redhat > Enterprise Linux Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2593 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). | 5.8 |
| 2020-01-15 | CVE-2020-2590 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). | 4.3 |
| 2020-01-15 | CVE-2020-2583 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). | 4.3 |
| 2020-01-14 | CVE-2015-3147 | Link Following vulnerability in Redhat products daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt. | 6.5 |
| 2020-01-08 | CVE-2019-17024 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. | 6.8 |
| 2020-01-08 | CVE-2019-17022 | Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. | 4.3 |
| 2020-01-08 | CVE-2019-17017 | Type Confusion vulnerability in Mozilla Firefox and Firefox ESR Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. | 6.8 |
| 2020-01-08 | CVE-2019-17016 | Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. | 4.3 |
| 2019-12-24 | CVE-2019-19925 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | 5.0 |
| 2019-12-24 | CVE-2019-19923 | NULL Pointer Dereference vulnerability in multiple products flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. | 5.0 |