redhat vulnerabilities and exploits

9.3
CVSSv2
CVE-2019-7837

Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution....

6.5
CVSSv2
CVE-2019-10132

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform...

NA
CVE-2019-10142

Linux Kernel is vulnerable to a denial of service, caused by a ZERO_SIZE_PTR dereference and integer overflow in ioctl. By sending a specially-crafted request using the "param.count" value, a local authenticated attacker could exploit this vulnerability to cause a...

5
CVSSv2
CVE-2019-12247

QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables....

5
CVSSv2
CVE-2019-12155

interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference....

NA
CVE-2019-5436

cURL libcurl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the tftp_receive_packet() function. By sending overly long data, a remote attacker could overflow a buffer and execute arbitrary code on the system....

NA
CVE-2019-9815

Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by a timing atatck when hyperthreading is not disabled. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to bypass security...

NA
CVE-2019-9819

Mozilla Firefox is vulnerable to a denial of service, caused by a JavaScript compartment mismatch can while working with the fetch API. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service....

NA
CVE-2019-9818

Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free in the main process. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service....

NA
CVE-2019-9817

Mozilla Firefox could allow a remote attacker to obtain sensitive information. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using canvas to steal image data from a different site....