|
1021
|
8.1
6.8
|
HIGH
Network
|
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require val…
|
CWE-287
Improper Authentication
|
CVE-2019-3878
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:42
2019-03-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1022
|
6.5
3.3
|
MEDIUM
Adjacent
|
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches …
|
-
|
CVE-2019-3874
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:42
2019-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1023
|
8.8
6.8
|
HIGH
Network
|
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker…
|
CWE-787 CWE-190
Out-of-bounds Write Integer Overflow or Wraparound
|
CVE-2019-3857
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:42
2019-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1024
|
8.8
6.8
|
HIGH
Network
|
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH se…
|
CWE-787 CWE-190
Out-of-bounds Write Integer Overflow or Wraparound
|
CVE-2019-3856
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:42
2019-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1025
|
5.5
4.3
|
MEDIUM
Local
|
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example,…
|
NVD-CWE-Other
|
CVE-2019-3838
|
cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 13:42
2019-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1026
|
5.4
5.5
|
MEDIUM
Network
|
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users …
|
CWE-269
Improper Privilege Management
|
CVE-2018-16838
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 12:53
2019-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1027
|
8.8
9.3
|
HIGH
Network
|
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server …
|
CWE-787 CWE-190
Out-of-bounds Write Integer Overflow or Wraparound
|
CVE-2019-3855
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:42
2019-03-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1028
|
6.5
4.3
|
MEDIUM
Network
|
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passin…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9903
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:52
2019-03-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1029
|
5.5
2.1
|
MEDIUM
Local
|
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
|
NVD-CWE-noinfo
|
CVE-2019-7222
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:47
2019-03-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1030
|
7.8
4.6
|
HIGH
Local
|
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
|
CWE-416
Use After Free
|
CVE-2019-7221
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:47
2019-03-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|