Vulnerabilities > Redhat > Enterprise Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-12-06 CVE-2019-19333 Out-of-bounds Write vulnerability in multiple products
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits".
network
low complexity
cesnet redhat CWE-787
critical
 9.8
9.8
2019-12-06 CVE-2019-19334 Out-of-bounds Write vulnerability in multiple products
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref".
network
low complexity
cesnet redhat fedoraproject CWE-787
critical
 9.8
9.8
2019-11-27 CVE-2011-2717 Injection vulnerability in multiple products
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
network
low complexity
linux redhat CWE-74
critical
 10.0
10
2019-11-27 CVE-2019-14896 Heap-based Buffer Overflow vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver.
network
low complexity
linux redhat fedoraproject canonical debian CWE-122
critical
 9.8
9.8
2019-11-22 CVE-2014-3585 Improper Verification of Cryptographic Signature vulnerability in Redhat Enterprise Linux and Redhat-Upgrade-Tool
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
network
low complexity
redhat CWE-347
critical
 9.8
9.8
2019-11-17 CVE-2019-19012 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker.
network
low complexity
oniguruma-project debian fedoraproject redhat CWE-190
critical
 9.8
9.8
2019-10-28 CVE-2019-11043 Out-of-bounds Write vulnerability in multiple products
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
network
low complexity
php canonical debian fedoraproject tenable redhat CWE-787
critical
 9.8
9.8
2019-09-06 CVE-2019-14813 Incorrect Authorization vulnerability in multiple products
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex redhat fedoraproject opensuse debian CWE-863
critical
 9.8
9.8
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
 9.8
9.8
2019-06-14 CVE-2019-10126 Heap-based Buffer Overflow vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp CWE-122
critical
 9.8
9.8