Vulnerabilities > Redhat > Enterprise Linux Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-10-17 CVE-2019-17631 Improper Privilege Management vulnerability in multiple products
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.
network
low complexity
eclipse redhat CWE-269
6.4
6.4
2019-10-16 CVE-2019-2999 Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc).
network
high complexity
oracle redhat netapp debian opensuse canonical
4.7
4.7
2019-10-16 CVE-2019-2996 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment).
network
high complexity
oracle netapp redhat
4.2
4.2
2019-10-16 CVE-2019-2989 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking).
network
oracle redhat netapp
4.3
4.3
2019-10-16 CVE-2019-2987 Vulnerability in the Java SE product of Oracle Java SE (component: 2D). 4.3
4.3
2019-10-16 CVE-2019-2975 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting).
network
high complexity
oracle redhat netapp debian opensuse mcafee canonical
4.8
4.8
2019-10-16 CVE-2019-2949 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos).
network
high complexity
oracle debian netapp redhat canonical opensuse mcafee
6.8
6.8
2019-08-14 CVE-2019-9506 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. 		4.8
4.8
2019-08-02 CVE-2019-10168 Path Traversal vulnerability in Redhat products
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain.
local
low complexity
redhat CWE-22
4.6
4.6
2019-08-02 CVE-2019-10167 Path Traversal vulnerability in Redhat products
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain.
local
low complexity
redhat CWE-22
4.6
4.6