Enterprise Linux Workstation

enterprise_linux_workstation

Vendor: Redhat • 1,845 CVEs

CVEs (1,845)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-3068 2Adobe Redhat 5Enterprise Linux Enterprise Linux DesktopEnterprise Linux Workstation+2 more May 13, 2026 May 9, 2017 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-8291 3Artifex DebianRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 21, 2026 Apr 27, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program...Show more Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.Show less
CVE-2017-5046 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML pag...Show more V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.Show less
CVE-2017-5045 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables...Show more XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.Show less
CVE-2017-5044 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a c...Show more Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.Show less
CVE-2017-5043 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension...Show more Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.Show less
CVE-2017-5042 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 5.7 MEDIUM· v3 3.3 LOW· v2 Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connecti...Show more Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent.Show less
CVE-2017-5040 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.
CVE-2017-5039 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5038 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension...Show more Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.Show less
CVE-2017-5037 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file,...Show more An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.Show less
CVE-2017-5036 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file.
CVE-2017-5035 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.
CVE-2017-5033 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass conte...Show more Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.Show less
CVE-2017-5030 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Apr 21, 2026 Apr 24, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2017-5029 4Debian GoogleRedhat+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more May 13, 2026 Apr 24, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow duri...Show more The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.Show less
CVE-2017-3600 4Debian MariadbOracle+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Server+6 more May 13, 2026 Apr 24, 2017 N/A· v4 6.6 MEDIUM· v3 6.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit v...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).Show less
CVE-2017-3544 4Debian GoogleOracle+1 more 13Android Debian LinuxEnterprise Linux Desktop+10 more May 13, 2026 Apr 24, 2017 N/A· v4 3.7 LOW· v3 4.3 MEDIUM· v2 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit:...Show more Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).Show less
CVE-2017-3539 3Debian OracleRedhat 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more May 13, 2026 Apr 24, 2017 N/A· v4 3.1 LOW· v3 2.1 LOW· v2 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit...Show more Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).Show less
CVE-2017-3533 3Debian OracleRedhat 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Apr 24, 2017 N/A· v4 3.7 LOW· v3 4.3 MEDIUM· v2 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit:...Show more Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).Show less

Previous 1...575859...93 Next