Vulnerabilities > Redhat > Enterprise Linux Server > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-17 | CVE-2019-17631 | Improper Privilege Management vulnerability in multiple products From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. | 6.4 |
2019-10-16 | CVE-2019-2999 | Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). | 4.7 |
2019-10-16 | CVE-2019-2996 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). | 4.2 |
2019-10-16 | CVE-2019-2989 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). | 4.3 |
2019-10-16 | CVE-2019-2987 | Vulnerability in the Java SE product of Oracle Java SE (component: 2D). | 4.3 |
2019-10-16 | CVE-2019-2975 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). | 4.8 |
2019-10-16 | CVE-2019-2949 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). | 6.8 |
2019-08-14 | CVE-2019-9506 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. | 4.8 |
2019-08-02 | CVE-2019-10168 | Path Traversal vulnerability in Redhat products The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. | 4.6 |
2019-08-02 | CVE-2019-10167 | Path Traversal vulnerability in Redhat products The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. | 4.6 |