Enterprise Linux Desktop

enterprise_linux_desktop

Vendor: Redhat • 1,928 CVEs

CVEs (1,928)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13738 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2019-13737 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-13736 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-13735 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-13734 8Canonical DebianFedoraproject+5 more 15Backports Sle ChromeCommunications Cloud Native Core Network Repository Function+12 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13732 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13730 6Debian FedoraprojectGoogle+3 more 9Backports ChromeDebian Linux+6 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13729 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13728 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13727 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2019-13726 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2019-13725 4Debian FedoraprojectGoogle+1 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Jun 17, 2026 Dec 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2019-5544 4Fedoraproject OpenslpRedhat+1 more 16Enterprise Linux Desktop Enterprise Linux For Ibm Z SystemsEnterprise Linux For Ibm Z Systems Eus+13 more Jun 17, 2026 Dec 6, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
CVE-2019-10216 2Artifex Redhat 93scale Api Management Enterprise LinuxEnterprise Linux Desktop+6 more Jun 17, 2026 Nov 27, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially cra...Show more In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.Show less
CVE-2019-13723 4Fedoraproject GoogleOpensuse+1 more 6Backports ChromeEnterprise Linux Desktop+3 more Jun 17, 2026 Nov 25, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2012-6136 3Debian FedoraprojectRedhat 7Debian Linux Enterprise LinuxEnterprise Linux Desktop+4 more Nov 21, 2024 Nov 20, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.
CVE-2019-11135 9Canonical DebianFedoraproject+6 more 160Apollo 2000 Firmware Apollo 4200 FirmwareCeleron 5305u Firmware+157 more Jun 17, 2026 Nov 14, 2019 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVE-2017-5333 5Canonical DebianIcoutils Project+2 more 11Debian Linux Enterprise LinuxEnterprise Linux Desktop+8 more Nov 21, 2024 Nov 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafte...Show more Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.Show less
CVE-2017-5332 5Canonical DebianIcoutils Project+2 more 11Debian Linux Enterprise LinuxEnterprise Linux Desktop+8 more Nov 21, 2024 Nov 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a...Show more The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.Show less
CVE-2019-6470 3Isc OpensuseRedhat 19Dhcpd Enterprise LinuxEnterprise Linux Desktop+16 more Jun 17, 2026 Nov 1, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but t...Show more There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.Show less

Previous 1...678...97 Next