Enterprise Linux Server

enterprise_linux_server

Vendor: Redhat • 1,891 CVEs

CVEs (1,891)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-5764 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5763 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5762 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
CVE-2019-5761 3Fedoraproject GoogleRedhat 5Chrome Enterprise Linux DesktopEnterprise Linux Server+2 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5760 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5759 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2019-5758 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5757 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
CVE-2019-5756 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
CVE-2019-5755 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
CVE-2019-5754 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.
CVE-2019-8383 4Advancemame DebianFedoraproject+1 more 6Advancecomp Debian LinuxEnterprise Linux For Power Little Endian+3 more Nov 21, 2024 Feb 17, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to ca...Show more An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.Show less
CVE-2019-8379 4Advancemame DebianFedoraproject+1 more 6Advancecomp Debian LinuxEnterprise Linux For Power Little Endian+3 more Nov 21, 2024 Feb 17, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attack...Show more An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.Show less
CVE-2019-6974 5Canonical DebianF5+2 more 24Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+21 more Nov 21, 2024 Feb 15, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
CVE-2019-8308 3Debian FlatpakRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more Nov 21, 2024 Feb 12, 2019 N/A· v4 8.2 HIGH· v3 4.4 MEDIUM· v2 Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
CVE-2019-5736 13Apache CanonicalD2iq+10 more 19Backports Sle Container Development KitDc/os+16 more Nov 21, 2024 Feb 11, 2019 N/A· v4 8.6 HIGH· v3 9.3 HIGH· v2 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as r...Show more runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.Show less
CVE-2018-12549 2Eclipse Redhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Nov 21, 2024 Feb 11, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
CVE-2018-12547 2Eclipse Redhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Nov 21, 2024 Feb 11, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. Thi...Show more In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.Show less
CVE-2019-7665 5Canonical DebianElfutils Project+2 more 11Debian Linux ElfutilsEnterprise Linux+8 more Nov 21, 2024 Feb 9, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash...Show more In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.Show less
CVE-2019-7664 2Elfutils Project Redhat 8Elfutils Enterprise LinuxEnterprise Linux Desktop+5 more Nov 21, 2024 Feb 9, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program...Show more In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).Show less

Previous 1...131415...95 Next