Product:

Enterprise_linux_server

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/kyz/libmspack
https://github.com/LibRaw/LibRaw
https://github.com/rubygems/rubygems
https://github.com/madler/zlib
https://github.com/the-tcpdump-group/tcpdump
https://github.com/fedora-selinux/setroubleshoot
https://github.com/ntp-project/ntp
https://github.com/mdadams/jasper
https://github.com/neomutt/neomutt
https://github.com/abrt/abrt
https://github.com/openbsd/src
https://github.com/mysql/mysql-server
https://github.com/golang/go
https://github.com/jpirko/libndp
https://github.com/candlepin/subscription-manager
https://github.com/szukw000/openjpeg
https://github.com/rpm-software-management/yum-utils
https://github.com/sosreport/sos-collector
https://github.com/dogtagpki/pki
• git://git.openssl.org/openssl.git
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/paramiko/paramiko
https://github.com/uclouvain/openjpeg
https://github.com/qos-ch/slf4j
https://github.com/opencontainers/runc
https://github.com/mm2/Little-CMS
https://github.com/ImageMagick/ImageMagick
https://github.com/Perl/perl5
https://github.com/git/git
https://github.com/karelzak/util-linux
https://github.com/ClusterLabs/pacemaker
https://github.com/GNOME/evince
https://git.savannah.gnu.org/git/patch.git
https://github.com/UNINETT/mod_auth_mellon
https://github.com/flori/json
https://github.com/flatpak/flatpak
https://github.com/SELinuxProject/selinux
https://github.com/libguestfs/hivex
https://github.com/vadz/libtiff
https://github.com/jquery/jquery-ui
#Vulnerabilities 1791
Date Id Summary Products Score Patch Annotated
2019-12-10 CVE-2019-13725 Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 8.8
2019-12-10 CVE-2019-13749 Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-12-10 CVE-2019-13750 Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. Ubuntu_linux, Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-12-10 CVE-2019-13754 Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13744 Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-12-10 CVE-2019-13746 Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-12-10 CVE-2019-13748 Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2016-07-19 CVE-2016-5388 It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. Tomcat, System_management_homepage, Linux, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 8.1
2016-07-19 CVE-2016-5385 It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request. Debian_linux, Drupal, Fedora, Storeever_msl6480_tape_library_firmware, System_management_homepage, Leap, Communications_user_data_repository, Enterprise_manager_ops_center, Linux, Php, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 8.1
2015-12-15 CVE-2015-7497 A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 N/A