Redhat Enterprise Linux Server vulnerabilities

1,891 known vulnerabilities affecting redhat/enterprise_linux_server.

Total CVEs

1,891

CISA KEV

actively exploited

Public exploits

128

Exploited in wild

Severity breakdown

CRITICAL347HIGH710MEDIUM734LOW100

Vulnerabilities

Page 5 of 95

CVE-2015-3147MEDIUMCVSS 6.5v7.02020-01-14

CVE-2015-3147 [MEDIUM] CWE-59 CVE-2015-3147: daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports fro daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.

nvd

CVE-2020-6851HIGHCVSS 7.5v7.02020-01-13

CVE-2020-6851 [HIGH] CWE-787 CVE-2020-6851: OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

nvd

CVE-2019-17024HIGHCVSS 8.8v6.0v7.02020-01-08

CVE-2019-17024 [HIGH] CWE-787 CVE-2019-17024: Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of t Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

nvd

CVE-2019-17017HIGHCVSS 8.8v6.0v7.02020-01-08

CVE-2019-17017 [HIGH] CWE-843 CVE-2019-17017: Due to a missing case handling object types, a type confusion vulnerability could occur, resulting i Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

nvd

CVE-2019-17016MEDIUMCVSS 6.1v6.0v7.02020-01-08

CVE-2019-17016 [MEDIUM] CWE-79 CVE-2019-17016: When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incor When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

nvd

CVE-2019-17022MEDIUMCVSS 6.1v6.0v7.02020-01-08

CVE-2019-17022 [MEDIUM] CWE-79 CVE-2019-17022: When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer does not escape characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, th

nvd

CVE-2019-19925HIGHCVSS 7.5v6.02019-12-24

CVE-2019-19925 [HIGH] CWE-434 CVE-2019-19925: zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

nvd

CVE-2019-19923HIGHCVSS 7.5v6.02019-12-24

CVE-2019-19923 [HIGH] CWE-476 CVE-2019-19923: flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

nvd

CVE-2019-19926HIGHCVSS 7.5v6.02019-12-23

CVE-2019-19926 [HIGH] CVE-2019-19926: multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated b multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

nvd

CVE-2019-8689HIGHCVSS 8.8PoCv7.02019-12-18

CVE-2019-8689 [HIGH] CWE-787 CVE-2019-8689: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8688HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8688 [HIGH] CWE-787 CVE-2019-8688: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8816HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8816 [HIGH] CWE-787 CVE-2019-8816: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8544HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8544 [HIGH] CWE-787 CVE-2019-8544: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-19880HIGHCVSS 7.5v6.02019-12-18

CVE-2019-19880 [HIGH] CWE-476 CVE-2019-19880: exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer deref exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

nvd

CVE-2019-8506HIGHCVSS 8.8KEVPoCv7.02019-12-18

CVE-2019-8506 [HIGH] CWE-843 CVE-2019-8506: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8536HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8536 [HIGH] CWE-787 CVE-2019-8536: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8815HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8815 [HIGH] CWE-787 CVE-2019-8815: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8669HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8669 [HIGH] CWE-787 CVE-2019-8669: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8672HIGHCVSS 8.8PoCv7.02019-12-18

CVE-2019-8672 [HIGH] CWE-787 CVE-2019-8672: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8814HIGHCVSS 8.8v7.02019-12-18

CVE-2019-8814 [HIGH] CWE-787 CVE-2019-8814: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

← Previous5 / 95Next →