Vulnerabilities > Redhat > Enterprise MRG
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-05 | CVE-2013-6460 | XML Entity Expansion vulnerability in multiple products Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents | 6.5 |
2019-06-19 | CVE-2019-11478 | Resource Exhaustion vulnerability in multiple products Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. | 7.5 |
2019-06-19 | CVE-2019-11477 | Integer Overflow or Wraparound vulnerability in multiple products Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). | 7.5 |
2019-04-11 | CVE-2019-3459 | Out-of-bounds Read vulnerability in multiple products A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. | 6.5 |
2018-12-18 | CVE-2018-16884 | A flaw was found in the Linux kernel's NFS41+ subsystem. | 8.0 |
2018-07-30 | CVE-2017-7482 | Integer Overflow or Wraparound vulnerability in multiple products In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. | 7.8 |
2018-02-09 | CVE-2014-8171 | Resource Management Errors vulnerability in multiple products The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup. | 5.5 |
2018-01-14 | CVE-2017-15128 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. | 5.5 |
2018-01-14 | CVE-2017-15127 | A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. | 5.5 |
2017-10-18 | CVE-2014-3706 | Improper Certificate Validation vulnerability in Redhat Enterprise MRG 3.0 ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates. | 5.9 |