Vulnerabilities > Redhat > Enterprise Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-06-03 CVE-2019-11356 Out-of-bounds Write vulnerability in multiple products
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
network
low complexity
cyrus fedoraproject debian canonical redhat CWE-787
critical
 9.8
9.8
2019-05-29 CVE-2019-12450 Incorrect Default Permissions vulnerability in multiple products
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress.
network
low complexity
gnome debian redhat canonical opensuse fedoraproject CWE-276
critical
 9.8
9.8
2019-03-27 CVE-2019-0160 Out-of-bounds Write vulnerability in multiple products
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
network
low complexity
tianocore opensuse fedoraproject redhat CWE-787
critical
 9.8
9.8
2019-03-08 CVE-2019-9636 Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization.
network
low complexity
python fedoraproject opensuse debian canonical redhat oracle
critical
 9.8
9.8
2019-02-06 CVE-2019-3822 Out-of-bounds Write vulnerability in multiple products
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow.
network
low complexity
haxx canonical debian netapp siemens oracle redhat CWE-787
critical
 9.8
9.8
2018-12-07 CVE-2018-18311 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190
critical
 9.8
9.8
2018-12-07 CVE-2018-18313 Out-of-bounds Read vulnerability in multiple products
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
network
low complexity
perl canonical debian redhat netapp apple CWE-125
critical
 9.1
9.1
2018-12-07 CVE-2018-18314 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian netapp redhat CWE-119
critical
 9.8
9.8
2018-12-05 CVE-2018-18312 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian redhat netapp CWE-119
critical
 9.8
9.8
2018-11-13 CVE-2018-16850 SQL Injection vulnerability in multiple products
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ...
network
low complexity
postgresql redhat canonical CWE-89
critical
 9.8
9.8