Enterprise Linux Eus

enterprise_linux_eus

Vendor: Redhat • 779 CVEs

CVEs (779)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-2593 3Fedoraproject OracleRedhat 7Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+4 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2592 4Canonical FedoraprojectOracle+1 more 8Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+5 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privile...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2587 3Fedoraproject OracleRedhat 7Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+4 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker w...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2585 3Fedoraproject OracleRedhat 7Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+4 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2584 3Fedoraproject OracleRedhat 7Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+4 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2581 4Canonical FedoraprojectOracle+1 more 8Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+5 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2580 3Fedoraproject OracleRedhat 7Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+4 more Nov 21, 2024 Apr 23, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-0223 2Apache Redhat 10Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+7 more Nov 21, 2024 Apr 23, 2019 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS even when conf...Show more While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic.Show less
CVE-2019-11459 6Canonical DebianFedoraproject+3 more 9Debian Linux Enterprise LinuxEnterprise Linux Eus+6 more Nov 21, 2024 Apr 22, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory u...Show more The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.Show less
CVE-2019-11235 5Canonical FedoraprojectFreeradius+2 more 10Enterprise Linux Enterprise Linux EusEnterprise Linux Server+7 more Nov 21, 2024 Apr 22, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dr...Show more FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.Show less
CVE-2018-16878 6Canonical ClusterlabsDebian+3 more 9Debian Linux Enterprise LinuxEnterprise Linux Aus+6 more Nov 21, 2024 Apr 18, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
CVE-2018-16877 6Canonical ClusterlabsDebian+3 more 9Debian Linux Enterprise LinuxEnterprise Linux Eus+6 more Nov 21, 2024 Apr 18, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local...Show more A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.Show less
CVE-2019-3460 4Canonical DebianLinux+1 more 16Codeready Linux Builder Debian LinuxEnterprise Linux+13 more Nov 21, 2024 Apr 11, 2019 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2019-3459 4Canonical DebianLinux+1 more 16Codeready Linux Builder Debian LinuxEnterprise Linux+13 more Nov 21, 2024 Apr 11, 2019 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2019-3887 4Canonical FedoraprojectLinux+1 more 11Enterprise Linux Enterprise Linux EusEnterprise Linux For Real Time+8 more Nov 21, 2024 Apr 9, 2019 N/A· v4 5.6 MEDIUM· v3 4.7 MEDIUM· v2 A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtu...Show more A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.Show less
CVE-2019-0757 3Microsoft Mono ProjectRedhat 8.net Core Sdk Enterprise LinuxEnterprise Linux Eus+5 more Nov 21, 2024 Apr 9, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'...Show more A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.Show less
CVE-2019-0211 8Apache CanonicalDebian+5 more 27Communications Session Report Manager Communications Session Route ManagerDebian Linux+24 more Oct 27, 2025 Apr 8, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) cou...Show more In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.Show less
CVE-2019-0160 4Fedoraproject OpensuseRedhat+1 more 8Edk Ii Enterprise LinuxEnterprise Linux Eus+5 more Nov 21, 2024 Mar 27, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
CVE-2019-9948 6Canonical DebianFedoraproject+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more Nov 21, 2024 Mar 23, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('l...Show more urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.Show less
CVE-2019-9903 5Canonical DebianFedoraproject+2 more 8Debian Linux Enterprise LinuxEnterprise Linux Eus+5 more Nov 21, 2024 Mar 21, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file...Show more PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.Show less

Previous 1...121314...39 Next