Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-19 | CVE-2019-3896 | A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. | 7.8 |
| 2019-06-19 | CVE-2019-11479 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. | 7.5 |
| 2019-06-19 | CVE-2019-11478 | Resource Exhaustion vulnerability in multiple products Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. | 7.5 |
| 2019-06-19 | CVE-2019-11477 | Integer Overflow or Wraparound vulnerability in multiple products Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). | 7.5 |
| 2019-06-19 | CVE-2019-11040 | Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. | 9.1 |
| 2019-06-19 | CVE-2019-11039 | Integer Overflow or Wraparound vulnerability in multiple products Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. | 9.1 |
| 2019-06-19 | CVE-2019-11038 | Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. | 5.3 |
| 2019-06-18 | CVE-2012-6711 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. | 7.8 |
| 2019-06-17 | CVE-2019-8324 | Code Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 8.8 |
| 2019-06-14 | CVE-2019-10159 | Unspecified vulnerability in Redhat Cfme-Gemset and Cloudforms cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. | 4.3 |