Vulnerabilities > Redhat > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-10 | CVE-2013-2166 | Inadequate Encryption Strength vulnerability in multiple products python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | 9.8 |
2019-12-06 | CVE-2019-5544 | Out-of-bounds Write vulnerability in multiple products OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. | 9.8 |
2019-12-06 | CVE-2019-19334 | Out-of-bounds Write vulnerability in multiple products In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". | 9.8 |
2019-12-06 | CVE-2019-19333 | Out-of-bounds Write vulnerability in multiple products In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". | 9.8 |
2019-11-27 | CVE-2011-2717 | Injection vulnerability in multiple products The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. | 10.0 |
2019-11-27 | CVE-2019-14896 | Heap-based Buffer Overflow vulnerability in multiple products A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. | 9.8 |
2019-11-26 | CVE-2019-14842 | Incorrect Conversion between Numeric Types vulnerability in Redhat Libnbd Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. | 9.8 |
2019-11-22 | CVE-2014-3585 | Improper Verification of Cryptographic Signature vulnerability in Redhat Enterprise Linux and Redhat-Upgrade-Tool redhat-upgrade-tool: Does not check GPG signatures when upgrading versions | 9.8 |
2019-11-17 | CVE-2019-19012 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. | 9.8 |
2019-11-01 | CVE-2011-3923 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands. | 9.8 |