Redhat Enterprise Linux Workstation vulnerabilities

CVE-2019-13743 [MEDIUM] CVE-2019-13743: Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.

CVE-2019-13761 [MEDIUM] CVE-2019-13761: Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

CVE-2019-13746 [MEDIUM] CVE-2019-13746: Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote a Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2019-13762 [LOW] CWE-667 CVE-2019-13762: Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allow Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.

CVE-2019-5544 [CRITICAL] CWE-787 CVE-2019-5544: OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evalu OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

CVE-2019-10216 [HIGH] CWE-648 CVE-2019-10216: In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

CVE-2019-13723 [HIGH] CWE-416 CVE-2019-13723: Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE-2012-6136 [MEDIUM] CWE-276 CVE-2012-6136: tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitra tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.

CVE-2019-11135 [MEDIUM] CWE-385 CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authentic TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2017-5332 [HIGH] CWE-119 CVE-2017-5332: The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access un The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.

CVE-2017-5333 [HIGH] CWE-190 CVE-2017-5333: Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icout Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.

CVE-2019-6470 [HIGH] CVE-2019-6470: There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when o There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND lib

CVE-2019-11043 [CRITICAL] CWE-120 CVE-2019-11043: In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurati In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

CVE-2019-17631 [CRITICAL] CWE-285 CVE-2019-17631: From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.

CVE-2019-14287 [HIGH] CWE-755 CVE-2019-14287: In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain poli In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

CVE-2019-2989 [MEDIUM] CVE-2019-2989: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Su Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While th

CVE-2019-2949 [MEDIUM] CVE-2019-2949: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supp Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerabil

CVE-2019-2996 [MEDIUM] CVE-2019-2996: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). Th Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). The supported version that is affected is Java SE: 8u221; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require hu

CVE-2019-2999 [MEDIUM] CVE-2019-2999: Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than th

CVE-2019-2975 [MEDIUM] CVE-2019-2975: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Sup Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attac