Vulnerabilities > Redhat > Enterprise Linux Workstation > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-01	CVE-2019-17055	Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. local low complexity linux debian fedoraproject canonical opensuse redhat CWE-862	3.3
2019-07-23	CVE-2019-2786	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle opensuse hp canonical redhat	3.4
2019-02-28	CVE-2018-12397	Information Exposure vulnerability in Mozilla Firefox and Firefox ESR A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. local low complexity mozilla redhat debian canonical CWE-200	3.6
2019-01-28	CVE-2019-3815	Memory Leak vulnerability in multiple products A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. local low complexity redhat debian CWE-401	3.3
2019-01-16	CVE-2019-2422	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp redhat debian opensuse hp	3.1
2019-01-16	CVE-2019-2449	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network high complexity oracle redhat netapp	2.6
2019-01-16	CVE-2019-2503	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). oracle mariadb netapp canonical redhat	3.8
2019-01-11	CVE-2018-16866	Out-of-bounds Read vulnerability in multiple products An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. local low complexity systemd-project debian canonical netapp redhat CWE-125	3.3
2019-01-03	CVE-2018-16876	Information Exposure vulnerability in multiple products ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. network redhat debian suse canonical CWE-200	3.5
2018-12-12	CVE-2018-18397	Incorrect Authorization vulnerability in multiple products The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. local low complexity linux redhat canonical CWE-863	2.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.