Vulnerabilities > Redhat > Enterprise Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-01-07 CVE-2019-14906 Out-of-bounds Write vulnerability in multiple products
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability.
network
low complexity
libsdl redhat CWE-787
critical
 9.8
9.8
2019-12-06 CVE-2019-19333 Out-of-bounds Write vulnerability in multiple products
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits".
network
low complexity
cesnet redhat CWE-787
critical
 9.8
9.8
2019-12-06 CVE-2019-19334 Out-of-bounds Write vulnerability in multiple products
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref".
network
low complexity
cesnet redhat fedoraproject CWE-787
critical
 9.8
9.8
2019-11-27 CVE-2011-2717 Injection vulnerability in multiple products
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
network
low complexity
linux redhat CWE-74
critical
 10.0
10
2019-11-27 CVE-2019-14896 Heap-based Buffer Overflow vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver.
network
low complexity
linux redhat fedoraproject canonical debian CWE-122
critical
 9.8
9.8
2019-11-22 CVE-2014-3585 Improper Verification of Cryptographic Signature vulnerability in Redhat Enterprise Linux and Redhat-Upgrade-Tool
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
network
low complexity
redhat CWE-347
critical
 9.8
9.8
2019-11-17 CVE-2019-19012 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker.
network
low complexity
oniguruma-project debian fedoraproject redhat CWE-190
critical
 9.8
9.8
2019-09-06 CVE-2019-14813 Incorrect Authorization vulnerability in multiple products
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex redhat fedoraproject opensuse debian CWE-863
critical
 9.8
9.8
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
 9.8
9.8
2019-06-14 CVE-2019-10126 Heap-based Buffer Overflow vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp CWE-122
critical
 9.8
9.8