Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-06 CVE-2014-8181 Improper Initialization vulnerability in Redhat Enterprise Linux and Enterprise MRG
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
local
low complexity
redhat CWE-665
5.5
5.5
2019-11-05 CVE-2013-5661 Authentication Bypass by Spoofing vulnerability in multiple products
Cache Poisoning issue exists in DNS Response Rate Limiting.
network
high complexity
isc nlnetlabs nic redhat CWE-290
5.9
5.9
2019-11-01 CVE-2013-3718 Improper Input Validation vulnerability in multiple products
evince is missing a check on number of pages which can lead to a segmentation fault
local
low complexity
gnome debian redhat opensuse CWE-20
5.5
5.5
2019-10-16 CVE-2019-2999 Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc).
network
high complexity
oracle redhat netapp debian opensuse canonical
4.7
4.7
2019-10-16 CVE-2019-2996 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment).
network
high complexity
oracle netapp redhat
4.2
4.2
2019-10-16 CVE-2019-2975 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting).
network
high complexity
oracle redhat netapp debian opensuse mcafee canonical
4.8
4.8
2019-10-09 CVE-2019-6465 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition.
network
low complexity
isc redhat CWE-732
5.3
5.3
2019-09-30 CVE-2019-16994 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
local
high complexity
linux redhat opensuse CWE-401
4.7
4.7
2019-09-21 CVE-2019-16680 Path Traversal vulnerability in multiple products
An issue was discovered in GNOME file-roller before 3.29.91.
network
low complexity
gnome redhat debian canonical CWE-22
4.3
4.3
2019-09-17 CVE-2019-14826 Insufficient Session Expiration vulnerability in multiple products
A flaw was found in FreeIPA versions 4.5.0 and later.
local
low complexity
freeipa redhat CWE-613
4.4
4.4