Vulnerabilities > Redhat > Software Collections

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2019-2581 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical fedoraproject redhat
4.9
2019-04-23 CVE-2019-2580 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle fedoraproject redhat
4.9
2019-04-18 CVE-2019-11035 Out-of-bounds Read vulnerability in multiple products
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function.
network
low complexity
php canonical netapp redhat opensuse debian CWE-125
critical
9.1
2019-04-18 CVE-2019-11034 Out-of-bounds Read vulnerability in multiple products
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function.
network
low complexity
php canonical netapp redhat debian opensuse CWE-125
critical
9.1
2019-04-08 CVE-2019-0211 Use After Free vulnerability in multiple products
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard.
7.8
2019-04-07 CVE-2019-10906 In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. 8.6
2019-03-27 CVE-2019-5419 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
7.5
2019-03-27 CVE-2019-5418 There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. 7.5
2019-03-09 CVE-2019-9640 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php canonical debian opensuse netapp redhat CWE-125
7.5
2019-03-09 CVE-2019-9639 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp redhat CWE-909
7.5