|
941
|
7.0
6.9
|
HIGH
Local
|
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain condit…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12817
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:23
2019-06-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
942
|
5.9
4.3
|
MEDIUM
Network
|
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on t…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-12384
|
cpe:2.3:o:redhat:enterprise_linux:7.7:* cpe:2.3:o:redhat:enterprise_linux:7.6:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 13:22
2019-06-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
943
|
7.5
5.0
|
HIGH
Network
|
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-11479
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:21
2019-06-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
944
|
7.5
5.0
|
HIGH
Network
|
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-11478
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 13:21
2019-06-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
945
|
7.5
7.8
|
HIGH
Network
|
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker c…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-11477
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 13:21
2019-06-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
946
|
5.3
5.0
|
MEDIUM
Network
|
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-11038
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:20
2019-06-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
947
|
7.8
4.6
|
HIGH
Local
|
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in fu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6711
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 10:46
2019-06-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
948
|
8.8
6.8
|
HIGH
Network
|
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of …
|
CWE-94
Code Injection
|
CVE-2019-8324
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:49
2019-06-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
949
|
9.8
7.5
|
CRITICAL
Network
|
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly oth…
|
-
|
CVE-2019-10126
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:18
2019-06-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
950
|
3.1
3.5
|
LOW
Network
|
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integ…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2019-10155
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:18
2019-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|