|
222871
|
9.8 |
CRITICAL
Network
|
libsdl
redhat
|
simple_directmedia_layer
enterprise_linux
|
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through …
|
-
|
CVE-2019-14906
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222872
|
8.8 |
HIGH
Network
|
redhat
|
openshift_container_platform
|
A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the …
|
-
|
CVE-2019-14819
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222873
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revok…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2019-14879
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222874
|
7.3 |
HIGH
Local
|
gnu
redhat
|
cpio
enterprise_linux
|
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting ar…
|
NVD-CWE-Other
|
CVE-2019-14866
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222875
|
6.5 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to …
|
-
|
CVE-2019-14854
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222876
|
8.8 |
HIGH
Network
|
redhat
|
single_sign-on
jboss_enterprise_application_platform
|
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access un…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14843
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222877
|
9.1 |
CRITICAL
Network
|
redhat
|
keycloak
single_sign-on
|
A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. Fo…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-14837
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222878
|
3.7 |
LOW
Network
|
thekelleys
fedoraproject
|
dnsmasq
fedora
|
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
|
-
|
CVE-2019-14834
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222879
|
6.5 |
MEDIUM
Network
|
redhat
debian
opensuse
|
cloudforms_management_engine
ceph_storage
ansible_tower
ansible
enterprise_linux
debian_linux
leap
backports_sle
|
Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used…
|
-
|
CVE-2019-14864
|
2024-11-21 13:27 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222880
|
6.1 |
MEDIUM
Network
|
angularjs
redhat
|
angular.js
decision_manager
process_automation
|
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted …
|
CWE-79
Cross-site Scripting
|
CVE-2019-14863
|
2024-11-21 13:27 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
