Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-09	CVE-2019-3887	A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat	5.6
2019-04-09	CVE-2019-3880	Path Traversal vulnerability in multiple products A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. network low complexity samba debian redhat fedoraproject opensuse CWE-22	5.4
2019-04-09	CVE-2019-0757	A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. network low complexity microsoft mono-project redhat	6.5
2019-04-08	CVE-2019-0211	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. local low complexity apache fedoraproject canonical debian opensuse netapp redhat oracle CWE-416	7.8
2019-04-08	CVE-2019-0217	Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. network high complexity apache debian fedoraproject canonical redhat opensuse netapp oracle CWE-362	7.5
2019-03-27	CVE-2019-0160	Out-of-bounds Write vulnerability in multiple products Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. network low complexity tianocore opensuse fedoraproject redhat CWE-787 critical	9.8
2019-03-27	CVE-2019-3877	Open Redirect vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. network low complexity mod-auth-mellon-project fedoraproject redhat canonical CWE-601	6.1
2019-03-26	CVE-2019-3878	Improper Authentication vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. network high complexity mod-auth-mellon-project fedoraproject redhat canonical CWE-287	8.1
2019-03-25	CVE-2019-3874	The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. low complexity linux debian redhat canonical netapp	6.5
2019-03-25	CVE-2019-3857	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8