Vulnerabilities > Redhat > Enterprise Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-12-10 CVE-2019-13734 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2019-11-27 CVE-2019-10216 In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
local
low complexity
artifex redhat
7.8
2019-11-26 CVE-2011-3632 Link Following vulnerability in multiple products
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
local
low complexity
hardlink-project redhat debian CWE-59
7.1
2019-11-26 CVE-2011-3631 Integer Overflow or Wraparound vulnerability in multiple products
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used.
network
low complexity
hardlink-project redhat debian CWE-190
8.8
2019-11-26 CVE-2011-3630 Out-of-bounds Write vulnerability in multiple products
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed.
network
low complexity
hardlink-project redhat debian CWE-787
8.8
2019-11-25 CVE-2019-14822 Missing Authorization vulnerability in multiple products
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup.
local
low complexity
ibus-project redhat canonical oracle CWE-862
7.1
2019-11-25 CVE-2019-14815 A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
local
low complexity
linux redhat netapp
7.8
2019-11-22 CVE-2012-0877 Resource Exhaustion vulnerability in multiple products
PyXML: Hash table collisions CPU usage Denial of Service
network
low complexity
python redhat CWE-400
7.5
2019-11-20 CVE-2013-1817 Information Exposure vulnerability in multiple products
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
network
low complexity
mediawiki debian redhat fedoraproject CWE-200
7.5
2019-11-20 CVE-2013-1816 Improper Input Validation vulnerability in multiple products
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
network
low complexity
mediawiki debian redhat fedoraproject CWE-20
7.5