|
222911
|
5.5 |
MEDIUM
Local
|
gnu
|
grub2
|
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be t…
|
-
|
CVE-2019-14865
|
2024-11-21 13:27 |
2019-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222912
|
7.8 |
HIGH
Local
|
artifex
fedoraproject
|
ghostscript
fedora
|
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-14812
|
2024-11-21 13:27 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222913
|
9.8 |
CRITICAL
Network
|
linux
redhat
fedoraproject
canonical
debian
|
linux_kernel
enterprise_linux
fedora
ubuntu_linux
debian_linux
|
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, poss…
|
-
|
CVE-2019-14896
|
2024-11-21 13:27 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222914
|
8.8 |
HIGH
Network
|
freeipa
fedoraproject
|
freeipa
fedora
|
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components…
|
CWE-94
CWE-400
Code Injection
Uncontrolled Resource Consumption
|
CVE-2019-14867
|
2024-11-21 13:27 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222915
|
9.8 |
CRITICAL
Network
|
redhat
|
libnbd
|
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the…
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2019-14842
|
2024-11-21 13:27 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222916
|
6.5 |
MEDIUM
Network
|
redhat
opensuse
|
ansible
leap
backports_sle
openstack
|
ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None
|
CWE-287
Improper Authentication
|
CVE-2019-14856
|
2024-11-21 13:27 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222917
|
7.5 |
HIGH
Network
|
python-ecdsa_project
|
python-ecdsa
|
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could le…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-14853
|
2024-11-21 13:27 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222918
|
6.1 |
MEDIUM
Network
|
openidc
|
mod_auth_openidc
|
A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon.
|
CWE-601
Open Redirect
|
CVE-2019-14857
|
2024-11-21 13:27 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222919
|
8.4 |
HIGH
Local
|
redhat
|
ansible_tower
|
A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-14890
|
2024-11-21 13:27 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222920
|
2.7 |
LOW
Network
|
theforeman
|
katello
|
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without be…
|
-
|
CVE-2019-14825
|
2024-11-21 13:27 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
