Enterprise Linux Workstation

enterprise_linux_workstation

Vendor: Redhat • 1,845 CVEs

CVEs (1,845)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-5806 2Libraw Redhat 4Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+1 more Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5805 2Libraw Redhat 4Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+1 more Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
CVE-2018-5802 4Canonical DebianLibraw+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subseque...Show more An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.Show less
CVE-2018-5801 4Canonical DebianLibraw+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5800 4Canonical DebianLibraw+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a cras...Show more An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.Show less
CVE-2018-18311 8Apple CanonicalDebian+5 more 18Debian Linux E Series Santricity Os ControllerEnterprise Linux+15 more Nov 21, 2024 Dec 7, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-2018-9568 4Canonical GoogleLinux+1 more 9Android Enterprise Linux DesktopEnterprise Linux Server+6 more Nov 21, 2024 Dec 6, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...Show more In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.Show less
CVE-2018-6152 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Dec 4, 2018 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install...Show more The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.Show less
CVE-2018-16863 2Artifex Redhat 7Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+4 more Nov 21, 2024 Dec 3, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a...Show more It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.Show less
CVE-2018-15981 2Adobe Redhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Nov 21, 2024 Nov 29, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-15978 2Adobe Redhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Nov 21, 2024 Nov 29, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-8787 4Canonical DebianFreerdp+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+6 more Nov 21, 2024 Nov 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
CVE-2018-8786 5Canonical DebianFedoraproject+2 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Server+7 more Nov 21, 2024 Nov 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code exec...Show more FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.Show less
CVE-2018-12121 2Nodejs Redhat 8Enterprise Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Dec 27, 2024 Nov 28, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and...Show more Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.Show less
CVE-2018-14646 2Linux Redhat 7Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+4 more Nov 21, 2024 Nov 26, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net na...Show more The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service.Show less
CVE-2018-19535 4Canonical DebianExiv2+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Nov 26, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.
CVE-2018-19477 4Artifex CanonicalDebian+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Server+7 more Nov 21, 2024 Nov 23, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
CVE-2018-19476 4Artifex CanonicalDebian+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Server+7 more Nov 21, 2024 Nov 23, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
CVE-2018-19475 4Artifex CanonicalDebian+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Server+7 more Nov 21, 2024 Nov 23, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
CVE-2018-19409 4Artifex CanonicalDebian+1 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more Nov 21, 2024 Nov 21, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.

Previous 1...202122...93 Next