Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-27	CVE-2016-4980	Use of Insufficiently Random Values vulnerability in multiple products A password generation weakness exists in xquest through 2016-06-13. local high complexity ethz fedoraproject redhat CWE-330	2.5
2019-11-27	CVE-2019-10216	In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat	7.8
2019-11-27	CVE-2019-14896	A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. network low complexity linux redhat fedoraproject canonical debian critical	9.8
2019-11-26	CVE-2011-3632	Link Following vulnerability in multiple products Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. local low complexity hardlink-project redhat debian CWE-59	7.1
2019-11-26	CVE-2011-3631	Integer Overflow or Wraparound vulnerability in multiple products Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. network low complexity hardlink-project redhat debian CWE-190	8.8
2019-11-26	CVE-2011-3630	Out-of-bounds Write vulnerability in multiple products Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. network low complexity hardlink-project redhat debian CWE-787	8.8
2019-11-25	CVE-2012-5644	Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory local low complexity libuser-project fedoraproject redhat debian CWE-200	5.5
2019-11-25	CVE-2012-5630	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. local high complexity libuser-project fedoraproject redhat CWE-367	6.3
2019-11-25	CVE-2012-5521	Reachable Assertion vulnerability in multiple products quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal low complexity quagga debian redhat CWE-617	6.5
2019-11-25	CVE-2019-14822	Missing Authorization vulnerability in multiple products A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. local low complexity ibus-project redhat canonical oracle CWE-862	7.1