Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-25	CVE-2019-14815	A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. local low complexity linux redhat netapp	7.8
2019-11-25	CVE-2019-10214	Insufficiently Protected Credentials vulnerability in multiple products The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. network high complexity redhat skopeo-project buildah-project libpod-project opensuse CWE-522	5.9
2019-11-22	CVE-2012-0877	Resource Exhaustion vulnerability in multiple products PyXML: Hash table collisions CPU usage Denial of Service network low complexity python redhat CWE-400	7.5
2019-11-22	CVE-2015-7810	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files local high complexity videolan redhat fedoraproject debian CWE-367	4.7
2019-11-22	CVE-2014-3585	Improper Verification of Cryptographic Signature vulnerability in Redhat Enterprise Linux and Redhat-Upgrade-Tool redhat-upgrade-tool: Does not check GPG signatures when upgrading versions network low complexity redhat CWE-347 critical	9.8
2019-11-20	CVE-2013-1817	Information Exposure vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. network low complexity mediawiki debian redhat fedoraproject CWE-200	7.5
2019-11-20	CVE-2013-1816	Improper Input Validation vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. network low complexity mediawiki debian redhat fedoraproject CWE-20	7.5
2019-11-20	CVE-2012-6136	Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. local low complexity redhat fedoraproject debian CWE-276	5.5
2019-11-19	CVE-2011-4967	Improper Input Validation vulnerability in multiple products tog-Pegasus has a package hash collision DoS vulnerability network low complexity openpegasus redhat CWE-20	7.5
2019-11-18	CVE-2014-5118	Improper Input Validation vulnerability in multiple products Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability local low complexity trusted-boot-project redhat fedoraproject CWE-20	5.5