Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-02-09 CVE-2019-7665 Out-of-bounds Read vulnerability in multiple products
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. 		4.3
4.3
2019-02-09 CVE-2019-7664 Out-of-bounds Write vulnerability in multiple products
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check.
local
low complexity
elfutils-project redhat CWE-787
5.5
5.5
2019-02-06 CVE-2019-7548 SQL Injection vulnerability in multiple products
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. 		6.8
6.8
2019-02-06 CVE-2019-3825 Improper Authentication vulnerability in multiple products
A vulnerability was discovered in gdm before 3.31.4. 		6.9
6.9
2019-02-05 CVE-2018-18506 When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server.
network
high complexity
mozilla canonical debian redhat opensuse
5.9
5.9
2019-01-31 CVE-2019-6111 Path Traversal vulnerability in multiple products
An issue was discovered in OpenSSH 7.9. 		5.9
5.9
2019-01-31 CVE-2019-6109 Improper Encoding or Escaping of Output vulnerability in multiple products
An issue was discovered in OpenSSH 7.9. 		6.8
6.8
2019-01-29 CVE-2019-7150 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in elfutils 0.175. 		4.3
4.3
2019-01-16 CVE-2019-2539 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection).
network
low complexity
oracle netapp redhat
4.9
4.9
2019-01-16 CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian netapp mariadb redhat
4.0
4.0