Vulnerabilities > Redhat > Enterprise Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-23 | CVE-2019-2762 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). | 5.3 |
2019-07-23 | CVE-2019-2757 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.9 |
2019-07-23 | CVE-2019-2755 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). | 4.9 |
2019-07-23 | CVE-2019-2752 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). | 4.9 |
2019-07-22 | CVE-2019-9959 | Integer Overflow or Wraparound vulnerability in multiple products The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. | 6.5 |
2019-06-24 | CVE-2019-12384 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. | 5.9 |
2019-06-19 | CVE-2019-11038 | Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. | 5.3 |
2019-06-03 | CVE-2019-12614 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. | 4.1 |
2019-05-23 | CVE-2019-5798 | Out-of-bounds Read vulnerability in multiple products Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 6.5 |
2019-05-15 | CVE-2019-11833 | Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | 5.5 |