CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2019-14832 863 2019-10-15 2019-12-11
6.0
None Remote Medium ??? Partial Partial Partial
A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.
102 CVE-2019-14819 269 2020-01-07 2020-01-10
6.5
None Remote Low ??? Partial Partial Partial
A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints.
103 CVE-2019-14817 863 Exec Code Bypass 2019-09-03 2020-10-16
6.8
None Remote Medium Not required Partial Partial Partial
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
104 CVE-2019-14811 863 Exec Code Bypass 2019-09-03 2020-10-16
6.8
None Remote Medium Not required Partial Partial Partial
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
105 CVE-2019-13730 787 2019-12-10 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
106 CVE-2019-13723 787 2019-11-25 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
107 CVE-2019-11811 416 2019-05-07 2020-05-06
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
108 CVE-2019-11745 787 2020-01-08 2021-02-19
6.8
None Remote Medium Not required Partial Partial Partial
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
109 CVE-2019-11247 863 2019-08-29 2020-10-02
6.5
None Remote Low ??? Partial Partial Partial
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
110 CVE-2019-11040 125 2019-06-19 2020-10-16
6.4
None Remote Low Not required Partial None Partial
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
111 CVE-2019-11039 125 Overflow 2019-06-19 2020-10-16
6.4
None Remote Low Not required Partial None Partial
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
112 CVE-2019-11036 125 2019-05-03 2020-10-02
6.4
None Remote Low Not required Partial None Partial
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
113 CVE-2019-11035 125 2019-04-18 2020-10-02
6.4
None Remote Low Not required Partial None Partial
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
114 CVE-2019-11034 125 2019-04-18 2020-10-02
6.4
None Remote Low Not required Partial None Partial
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
115 CVE-2019-10744 2019-07-26 2021-03-16
6.4
None Remote Low Not required None Partial Partial
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
116 CVE-2019-10356 Exec Code Bypass 2019-07-31 2020-10-02
6.5
None Remote Low ??? Partial Partial Partial
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.
117 CVE-2019-10355 704 Exec Code Bypass 2019-07-31 2020-10-02
6.5
None Remote Low ??? Partial Partial Partial
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
118 CVE-2019-10225 522 2021-03-19 2021-03-26
6.5
None Remote Low ??? Partial Partial Partial
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files.
119 CVE-2019-10216 Bypass 2019-11-27 2020-09-30
6.8
None Remote Medium Not required Partial Partial Partial
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
120 CVE-2019-10199 352 2019-08-14 2021-10-28
6.8
None Remote Medium Not required Partial Partial Partial
It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.
121 CVE-2019-10193 787 Overflow 2019-07-11 2021-10-28
6.5
None Remote Low ??? Partial Partial Partial
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.
122 CVE-2019-10192 787 Overflow 2019-07-11 2021-10-28
6.5
None Remote Low ??? Partial Partial Partial
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer.
123 CVE-2019-10177 79 Exec Code +Priv XSS CSRF 2019-06-27 2020-09-30
6.0
None Remote Medium ??? Partial Partial Partial
A stored cross-site scripting (XSS) vulnerability was found in the PDF export component of CloudForms, versions 5.9 and 5.10, due to user input is not properly sanitized. An attacker with least privilege to edit compute is able to execute a XSS attack against other users, which could lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users.
124 CVE-2019-10170 Exec Code 2020-05-08 2021-10-19
6.5
None Remote Low ??? Partial Partial Partial
A flaw was found in the Keycloak admin console, where the realm management interface permits a script to be set via the policy. This flaw allows an attacker with authenticated user and realm management permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the application user.
125 CVE-2019-10169 Exec Code 2020-05-08 2021-10-19
6.5
None Remote Low ??? Partial Partial Partial
A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy. This flaw allows an authenticated attacker with UMA permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the user running application.
126 CVE-2019-10147 862 2019-06-03 2020-09-30
6.9
None Local Medium Not required Complete Complete Complete
rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are not limited by cgroups during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources.
127 CVE-2019-10145 862 2019-06-03 2020-10-02
6.9
None Local Medium Not required Complete Complete Complete
rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` do not have seccomp filtering during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources.
128 CVE-2019-10144 269 2019-06-03 2020-09-30
6.9
None Local Medium Not required Complete Complete Complete
rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are given all capabilities during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources.
129 CVE-2019-10143 362 +Priv 2019-05-24 2020-09-30
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."
130 CVE-2019-10141 89 DoS Sql 2019-07-30 2021-08-04
6.4
None Remote Low Not required None Partial Partial
A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. However, the attacker could pass malicious data and create a denial of service.
131 CVE-2019-10132 264 2019-05-22 2019-06-11
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
132 CVE-2019-9854 22 Dir. Trav. Bypass 2019-09-06 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
133 CVE-2019-9516 770 DoS 2019-08-13 2021-01-30
6.8
None Remote Low ??? None None Complete
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
134 CVE-2019-8324 94 2019-06-17 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
135 CVE-2019-7548 89 Sql 2019-02-06 2021-11-30
6.8
None Remote Medium Not required Partial Partial Partial
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
136 CVE-2019-6974 362 2019-02-15 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
137 CVE-2019-6116 Exec Code 2019-03-21 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
138 CVE-2019-5782 20 Exec Code 2019-02-19 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
139 CVE-2019-5774 20 Exec Code 2019-02-19 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.
140 CVE-2019-5772 787 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
141 CVE-2019-5771 Exec Code 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
142 CVE-2019-5770 125 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
143 CVE-2019-5769 20 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
144 CVE-2019-5764 787 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
145 CVE-2019-5763 754 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
146 CVE-2019-5762 119 Exec Code Overflow 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
147 CVE-2019-5761 787 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
148 CVE-2019-5760 787 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
149 CVE-2019-5759 416 2019-02-19 2021-09-08
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
150 CVE-2019-5758 787 2019-02-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Total number of vulnerabilities : 638   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.