enterprise linux server eus vulnerabilities and exploits

6.5
CVSSv2
CVE-2019-10132

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform...

7.5
CVSSv2
CVE-2019-5953

Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors....

6.8
CVSSv2
CVE-2019-3839

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by...

NA
CVE-2019-8322

Escape sequence injection vulnerability in gem owner...

NA
CVE-2019-8325

It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2019-8320)...

NA
CVE-2019-8324

Installing a malicious gem may lead to arbitrary code execution...

NA
CVE-2019-8323

A vulnerability in RubyGems could allow an unauthenticated, remote attacker to inject escape sequence code on a targeted system. The vulnerability exists because the affected software does not properly validate user-supplied input when handling API responses. An attacker...

NA
CVE-2018-12126

A vulnerability in the Microarchitectural Store Buffer Data Sampling (MSBDS) of Intel Microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the...

NA
CVE-2019-11091

A vulnerability in the Microarchitectural Data Sampling Uncacheable Memory (MDSUM) of Intel microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the...

NA
CVE-2018-12127

A vulnerability in the Microarchitectural Load Port Data Sampling (MLPDS) of Intel Microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the affected...