Redhat

Enterprise Linux

1709 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2019-19081

  • EPSS 1.24%
  • Veröffentlicht 18.11.2019 06:15:13
  • Zuletzt bearbeitet 21.11.2024 04:34:09

A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.

4.7

CVE-2019-19062

  • EPSS 0.1%
  • Veröffentlicht 18.11.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:34:06

A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.

4.7

CVE-2019-19066

  • EPSS 0.08%
  • Veröffentlicht 18.11.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:34:07

A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.

4.9

CVE-2019-19068

  • EPSS 0.09%
  • Veröffentlicht 18.11.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:34:07

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() fail...

9.8

CVE-2019-19012

Exploit
  • EPSS 14.78%
  • Veröffentlicht 17.11.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:59

An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). ...

7.5

CVE-2011-2726

  • EPSS 0.38%
  • Veröffentlicht 15.11.2019 17:15:12
  • Zuletzt bearbeitet 21.11.2024 01:28:50

An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory ...

7.5

CVE-2016-5285

  • EPSS 0.65%
  • Veröffentlicht 15.11.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 02:53:59

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

6.5

CVE-2019-11135

  • EPSS 0.24%
  • Veröffentlicht 14.11.2019 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:20:35

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

7.5

CVE-2012-1155

  • EPSS 1.27%
  • Veröffentlicht 14.11.2019 16:15:14
  • Zuletzt bearbeitet 21.11.2024 01:36:33

Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

7.5

CVE-2012-1156

  • EPSS 1.23%
  • Veröffentlicht 14.11.2019 16:15:14
  • Zuletzt bearbeitet 21.11.2024 01:36:33

Moodle before 2.2.2 has users' private files included in course backups