Enterprise Linux Server

enterprise_linux_server

Vendor: Redhat • 1,891 CVEs

CVEs (1,891)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-6060 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-6057 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.
CVE-2018-17477 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.
CVE-2018-17476 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
CVE-2018-17475 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-17474 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-17472 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page.
CVE-2018-17471 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
CVE-2018-17468 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page.
CVE-2018-17467 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-17466 4Canonical DebianGoogle+1 more 9Chrome Debian LinuxEnterprise Linux Desktop+6 more Nov 21, 2024 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-17465 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
CVE-2018-17463 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Oct 24, 2025 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2018-19115 3Debian KeepalivedRedhat 7Debian Linux Enterprise Linux ServerEnterprise Linux Server Aus+4 more Nov 21, 2024 Nov 8, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status cod...Show more keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.Show less
CVE-2018-19108 4Canonical DebianExiv2+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Nov 8, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
CVE-2018-19107 4Canonical DebianExiv2+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Nov 8, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD im...Show more In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.Show less
CVE-2018-19058 4Canonical DebianFreedesktop+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Nov 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
CVE-2018-18897 4Canonical DebianFreedesktop+1 more 10Debian Linux Enterprise LinuxEnterprise Linux Desktop+7 more Nov 21, 2024 Nov 2, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
CVE-2018-14660 3Debian GlusterRedhat 5Debian Linux Enterprise Linux ServerGlusterfs+2 more Nov 21, 2024 Nov 1, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode...Show more A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.Show less
CVE-2018-14661 3Debian GlusterRedhat 5Debian Linux Enterprise Linux ServerGlusterfs+2 more Nov 21, 2024 Oct 31, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker coul...Show more It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service.Show less

Previous 1...222324...95 Next