Vulnerabilities > Redhat > Software Collections
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-23 | CVE-2019-2581 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.9 |
2019-04-23 | CVE-2019-2580 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.9 |
2019-04-18 | CVE-2019-11035 | Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. | 9.1 |
2019-04-18 | CVE-2019-11034 | Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. | 9.1 |
2019-04-08 | CVE-2019-0211 | Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. | 7.8 |
2019-04-07 | CVE-2019-10906 | In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. | 8.6 |
2019-03-27 | CVE-2019-5419 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. | 7.5 |
2019-03-27 | CVE-2019-5418 | There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. | 7.5 |
2019-03-09 | CVE-2019-9640 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
2019-03-09 | CVE-2019-9639 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |