Vulnerabilities > Redhat > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-10 | CVE-2019-13726 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
2019-12-10 | CVE-2019-13725 | Use After Free vulnerability in multiple products Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
2019-12-05 | CVE-2019-14910 | Improper Certificate Validation vulnerability in Redhat Keycloak 7.0.0/7.0.1 A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. | 7.5 |
2019-12-04 | CVE-2019-14909 | Improper Authentication vulnerability in Redhat Keycloak 7.0.0/7.0.1 A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted. | 7.5 |
2019-11-27 | CVE-2019-10216 | In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
2019-11-25 | CVE-2019-13723 | Use After Free vulnerability in multiple products Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-11-25 | CVE-2019-14815 | Heap-based Buffer Overflow vulnerability in multiple products A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | 7.8 |
2019-11-23 | CVE-2019-11287 | Use of Externally-Controlled Format String vulnerability in multiple products Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. | 7.5 |
2019-11-22 | CVE-2012-0877 | Resource Exhaustion vulnerability in multiple products PyXML: Hash table collisions CPU usage Denial of Service | 7.8 |
2019-11-21 | CVE-2014-3700 | Injection vulnerability in Redhat Edeploy and Jboss Enterprise web Server eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data | 7.5 |