Vulnerabilities > Redhat > Enterprise Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-23 | CVE-2019-2697 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). | 8.1 |
| 2019-04-23 | CVE-2019-2602 | Resource Exhaustion vulnerability in multiple products Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 7.5 |
| 2019-04-19 | CVE-2019-10245 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. | 7.5 |
| 2019-04-18 | CVE-2018-16877 | A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. | 7.8 |
| 2019-04-17 | CVE-2019-3883 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. | 7.5 |
| 2019-04-09 | CVE-2019-3842 | Incorrect Authorization vulnerability in multiple products In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. | 7.0 |
| 2019-04-08 | CVE-2019-0211 | Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. | 7.8 |
| 2019-04-08 | CVE-2019-0217 | Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | 7.5 |
| 2019-03-26 | CVE-2019-3878 | Improper Authentication vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. | 8.1 |
| 2019-03-25 | CVE-2019-3857 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. | 8.8 |