Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-18 | CVE-2019-19062 | Memory Leak vulnerability in multiple products A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | 4.7 |
| 2019-11-14 | CVE-2018-12207 | Improper Input Validation vulnerability in multiple products Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | 6.5 |
| 2019-11-14 | CVE-2019-11135 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | 6.5 |
| 2019-11-13 | CVE-2014-8167 | Improper Certificate Validation vulnerability in Redhat products vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack | 5.9 |
| 2019-11-13 | CVE-2014-3655 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Jboss Enterprise web Server and Keycloak JBoss KeyCloak is vulnerable to soft token deletion via CSRF | 4.3 |
| 2019-11-13 | CVE-2014-3592 | Cross-site Scripting vulnerability in Redhat Openshift Origin OpenShift Origin: Improperly validated team names could allow stored XSS attacks | 6.1 |
| 2019-11-12 | CVE-2010-3857 | Cross-site Scripting vulnerability in Redhat Jboss Business Rules Management System JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter. | 6.1 |
| 2019-11-12 | CVE-2014-3599 | XXE vulnerability in Redhat Hornetq HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy | 6.5 |
| 2019-11-08 | CVE-2019-3866 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack-Mistral An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. | 5.5 |
| 2019-11-08 | CVE-2019-14860 | Unspecified vulnerability in Redhat Fuse and Syndesis It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. | 6.5 |