Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2019-12-11 CVE-2014-0163 OS Command Injection vulnerability in Redhat Openshift 1.0/2.0
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
network
low complexity
redhat CWE-78
8.8
8.8
2019-12-11 CVE-2014-0026 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Subscription Asset Manager 1.0.0
katello-headpin is vulnerable to CSRF in REST API
network
low complexity
redhat CWE-352
6.5
6.5
2019-12-11 CVE-2013-7370 Cross-site Scripting vulnerability in multiple products
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware
network
low complexity
redhat sencha opensuse debian CWE-79
6.1
6.1
2019-12-11 CVE-2013-6495 Cross-site Scripting vulnerability in Redhat products
JBossWeb Bayeux has reflected XSS
network
low complexity
redhat CWE-79
6.1
6.1
2019-12-10 CVE-2019-13764 Type Confusion vulnerability in multiple products
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 		8.8
8.8
2019-12-10 CVE-2019-13763 Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat
4.3
4.3
2019-12-10 CVE-2019-13762 Improper Locking vulnerability in multiple products
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
local
low complexity
google debian fedoraproject redhat CWE-667
3.3
3.3
2019-12-10 CVE-2019-13761 Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian fedoraproject redhat
4.3
4.3
2019-12-10 CVE-2019-13759 Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat
4.3
4.3
2019-12-10 CVE-2019-13758 Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat
4.3
4.3