Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-26	CVE-2019-10164	Out-of-bounds Write vulnerability in multiple products PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. network low complexity postgresql redhat fedoraproject opensuse CWE-787	8.8
2019-06-25	CVE-2019-12817	Out-of-bounds Write vulnerability in multiple products arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. local high complexity canonical linux fedoraproject debian opensuse redhat CWE-787	7.0
2019-06-24	CVE-2019-12384	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. network high complexity fasterxml debian redhat CWE-502	5.9
2019-06-19	CVE-2019-11479	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. network low complexity linux f5 canonical redhat CWE-770	7.5
2019-06-19	CVE-2019-11478	Resource Exhaustion vulnerability in multiple products Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. network low complexity linux f5 canonical redhat pulsesecure ivanti CWE-400	7.5
2019-06-19	CVE-2019-11477	Integer Overflow or Wraparound vulnerability in multiple products Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). network low complexity linux f5 canonical redhat pulsesecure ivanti CWE-190	7.5
2019-06-19	CVE-2019-11038	Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. network low complexity libgd php canonical debian fedoraproject suse opensuse redhat CWE-908	5.3
2019-06-18	CVE-2012-6711	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. local low complexity gnu redhat CWE-119	7.8
2019-06-17	CVE-2019-8324	Code Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse redhat CWE-94	8.8
2019-06-14	CVE-2019-10126	A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp critical	9.8