Vulnerabilities > Redhat > Software Collections

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2019-2532 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp canonical redhat
4.9
4.9
2019-01-16 CVE-2019-2531 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle netapp canonical redhat
4.9
4.9
2019-01-16 CVE-2019-2530 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle netapp redhat
4.9
4.9
2019-01-16 CVE-2019-2436 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle netapp redhat
5.5
5.5
2019-01-16 CVE-2019-2434 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser).
network
low complexity
oracle canonical netapp redhat
6.5
6.5
2019-01-16 CVE-2019-2420 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical netapp redhat
4.9
4.9
2017-10-24 CVE-2017-12613 Out-of-bounds Read vulnerability in multiple products
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
local
low complexity
apache debian redhat CWE-125
7.1
7.1
2016-04-13 CVE-2015-7545 Improper Input Validation vulnerability in multiple products
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule.
network
low complexity
git-project redhat canonical opensuse CWE-20
7.5
7.5
2016-02-15 CVE-2016-0742 NULL Pointer Dereference vulnerability in multiple products
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
network
low complexity
f5 canonical debian opensuse apple redhat CWE-476
5.0
5.0