Redhat Enterprise Linux Server Aus vulnerabilities

CVE-2020-2583 [LOW] CWE-755 CVE-2020-2583: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedd

CVE-2020-2590 [LOW] CVE-2020-2590: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supp Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks

CVE-2014-7844 [HIGH] CWE-74 CVE-2014-7844: BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted emai BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.

CVE-2015-3147 [MEDIUM] CWE-59 CVE-2015-3147: daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports fro daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.

CVE-2020-6851 [HIGH] CWE-787 CVE-2020-6851: OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

CVE-2019-11745 [HIGH] CWE-787 CVE-2019-11745: When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVE-2019-17024 [HIGH] CWE-787 CVE-2019-17024: Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of t Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVE-2019-17017 [HIGH] CWE-843 CVE-2019-17017: Due to a missing case handling object types, a type confusion vulnerability could occur, resulting i Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVE-2019-17016 [MEDIUM] CWE-79 CVE-2019-17016: When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer incor When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVE-2019-17022 [MEDIUM] CWE-79 CVE-2019-17022: When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer does When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer does not escape characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, th

CVE-2019-19906 [HIGH] CWE-193 CVE-2019-19906: cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote deni cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.

CVE-2018-1311 [HIGH] CWE-416 CVE-2018-1311: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the s The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using

CVE-2019-13734 [HIGH] CWE-787 CVE-2019-13734: Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to po Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-5544 [CRITICAL] CWE-787 CVE-2019-5544: OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evalu OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

CVE-2019-10216 [HIGH] CWE-648 CVE-2019-10216: In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

CVE-2019-14815 [HIGH] CWE-122 CVE-2019-14815: A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

CVE-2019-0155 [HIGH] CVE-2019-0155: Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6,

CVE-2018-12207 [MEDIUM] CWE-20 CVE-2018-12207: Improper invalidation for page table updates by a virtual guest operating system for multiple Intel( Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

CVE-2019-11135 [MEDIUM] CWE-385 CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authentic TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2017-5332 [HIGH] CWE-119 CVE-2017-5332: The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access un The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.