Vulnerabilities > Redhat > Enterprise Linux TUS

DATE CVE VULNERABILITY TITLE RISK
2020-10-07 CVE-2020-14355 Classic Buffer Overflow vulnerability in multiple products
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1.
6.6
2020-01-15 CVE-2020-2590 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle redhat debian canonical opensuse mcafee netapp
3.7
2019-09-20 CVE-2019-14816 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. 7.8
2019-08-14 CVE-2019-9506 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation.
8.1
2019-04-18 CVE-2018-16878 Resource Exhaustion vulnerability in multiple products
A flaw was found in pacemaker up to and including version 2.0.1.
5.5
2019-03-23 CVE-2019-9948 Path Traversal vulnerability in multiple products
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
network
low complexity
python opensuse debian fedoraproject canonical redhat CWE-22
critical
9.1
2017-10-05 CVE-2017-15041 Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution.
network
low complexity
golang debian redhat
critical
9.8
2016-11-10 CVE-2016-5195 Race Condition vulnerability in multiple products
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
7.0