Vulnerabilities > Redhat > Low

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2015-7559 Improper Input Validation vulnerability in multiple products
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class.
network
low complexity
apache redhat CWE-20
2.7
2019-07-30 CVE-2019-10165 Information Exposure Through Log Files vulnerability in Redhat Openshift Container Platform
OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server.
local
low complexity
redhat CWE-532
2.3
2019-07-23 CVE-2019-2738 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling).
network
high complexity
oracle canonical fedoraproject redhat
3.1
2019-07-23 CVE-2019-2786 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle opensuse hp canonical redhat
3.4
2019-07-23 CVE-2019-2789 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle fedoraproject redhat
2.7
2019-07-23 CVE-2019-2814 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
high complexity
oracle redhat
2.2
2019-07-03 CVE-2019-10183 Unspecified vulnerability in Redhat Enterprise Linux and Virt-Manager
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction.
local
low complexity
redhat
3.3
2019-06-12 CVE-2019-10155 Improper Validation of Integrity Check Value vulnerability in multiple products
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified.
3.1
2019-05-10 CVE-2019-11884 The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. 3.3
2019-04-24 CVE-2019-3868 Information Exposure vulnerability in Redhat Keycloak
Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC.
network
low complexity
redhat CWE-200
3.8