Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2019-07-09 CVE-2018-11307 Deserialization of Untrusted Data vulnerability in multiple products
An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5.
network | low complexity | fasterxml redhat oracle | CWE-502 | critical | 9.8
2019-07-05 CVE-2019-13314 Information Exposure vulnerability in Redhat Virt-Bootstrap 1.1.0
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
local | low complexity | redhat | CWE-200 | 7.8
2019-07-05 CVE-2019-13313 Information Exposure vulnerability in multiple products
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
local | low complexity | libosinfo fedoraproject redhat | CWE-200 | 7.8
2019-07-03 CVE-2019-10183 Unspecified vulnerability in Redhat Enterprise Linux and Virt-Manager
The virt-install(1) utility, used to provision new virtual machines, has introduced an option '--unattended' to create VMs without user interaction.
local | low complexity | redhat | 3.3
2019-07-02 CVE-2019-10137 Unspecified vulnerability in Redhat Satellite and Spacewalk
A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens.
network | low complexity | redhat | critical | 9.8
2019-07-02 CVE-2019-10136 Unspecified vulnerability in Redhat Satellite and Spacewalk
It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums.
network | low complexity | redhat | 4.3
2019-06-27 CVE-2019-10177 Cross-site Scripting vulnerability in Redhat Cloudforms Management Engine 5.10/5.9
A stored cross-site scripting (XSS) vulnerability was found in the PDF export component of CloudForms, versions 5.9 and 5.10, because user input is not properly sanitized.
network | low complexity | redhat | CWE-79 | 6.5
2019-06-26 CVE-2019-10164 Out-of-bounds Write vulnerability in multiple products
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow.
8.8
2019-06-25 CVE-2019-12817 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB.
7.0
2019-06-24 CVE-2019-12384 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization.
network | high complexity | fasterxml debian redhat | CWE-502 | 5.9