Redhat

Enterprise Linux

1715 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2019-2585

  • EPSS 0.59%
  • Veröffentlicht 23.04.2019 19:32:49
  • Zuletzt bearbeitet 21.11.2024 04:41:09

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

4.9

CVE-2019-2587

  • EPSS 0.59%
  • Veröffentlicht 23.04.2019 19:32:49
  • Zuletzt bearbeitet 21.11.2024 04:41:09

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl...

4.9

CVE-2019-2589

  • EPSS 0.59%
  • Veröffentlicht 23.04.2019 19:32:49
  • Zuletzt bearbeitet 21.11.2024 04:41:10

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access ...

5.5

CVE-2019-11459

  • EPSS 0.72%
  • Veröffentlicht 22.04.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:07

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIF...

5.9

CVE-2019-3902

  • EPSS 0.75%
  • Veröffentlicht 22.04.2019 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:49

A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.

9.8

CVE-2019-11234

  • EPSS 21.26%
  • Veröffentlicht 22.04.2019 11:29:03
  • Zuletzt bearbeitet 21.11.2024 04:20:46

FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.

9.8

CVE-2019-11235

  • EPSS 5.9%
  • Veröffentlicht 22.04.2019 11:29:03
  • Zuletzt bearbeitet 21.11.2024 04:20:47

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar is...

7.5

CVE-2019-10245

  • EPSS 1.59%
  • Veröffentlicht 19.04.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:43

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.

7.8

CVE-2018-16877

  • EPSS 0.04%
  • Veröffentlicht 18.04.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:30

A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

5.5

CVE-2018-16878

  • EPSS 0.02%
  • Veröffentlicht 18.04.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:30

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS