Vulnerabilities > Redhat > Enterprise Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-21 | CVE-2018-25009 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16(). | 9.1 |
| 2021-03-25 | CVE-2021-3466 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in libmicrohttpd. | 9.8 |
| 2021-03-19 | CVE-2019-10196 | Improper Initialization vulnerability in multiple products A flaw was found in http-proxy-agent, prior to version 2.1.0. | 9.0 |
| 2021-03-12 | CVE-2021-20231 | Use After Free vulnerability in multiple products A flaw was found in gnutls. | 9.8 |
| 2021-03-12 | CVE-2021-20232 | Use After Free vulnerability in multiple products A flaw was found in gnutls. | 9.8 |
| 2020-12-21 | CVE-2020-27846 | Misinterpretation of Input vulnerability in multiple products A signature verification vulnerability exists in crewjam/saml. | 9.8 |
| 2020-02-07 | CVE-2019-15605 | HTTP Request Smuggling vulnerability in multiple products HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed | 9.8 |
| 2020-02-07 | CVE-2019-15606 | Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons | 9.8 |
| 2020-01-14 | CVE-2020-0603 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'. | 9.3 |
| 2020-01-07 | CVE-2019-14906 | Out-of-bounds Write vulnerability in multiple products A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. | 9.8 |