Redhat

Enterprise Linux Desktop

1928 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2018-16866

Exploit
  • EPSS 0.11%
  • Published 11.01.2019 19:29:00
  • Last modified 21.11.2024 03:53:28

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.

6.7

CVE-2019-6133

  • EPSS 0.01%
  • Published 11.01.2019 14:29:00
  • Last modified 21.11.2024 04:46:00

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin...

8.8

CVE-2018-6174

  • EPSS 2.02%
  • Published 09.01.2019 19:29:11
  • Last modified 21.11.2024 04:10:13

Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.

6.5

CVE-2018-6175

  • EPSS 0.96%
  • Published 09.01.2019 19:29:11
  • Last modified 21.11.2024 04:10:13

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

4.3

CVE-2018-6178

  • EPSS 0.5%
  • Published 09.01.2019 19:29:11
  • Last modified 21.11.2024 04:10:13

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.

6.5

CVE-2018-6179

  • EPSS 0.56%
  • Published 09.01.2019 19:29:11
  • Last modified 21.11.2024 04:10:13

Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a cra...

8.8

CVE-2018-6144

  • EPSS 1.66%
  • Published 09.01.2019 19:29:10
  • Last modified 21.11.2024 04:10:09

Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file.

5.5

CVE-2018-6147

  • EPSS 0.03%
  • Published 09.01.2019 19:29:10
  • Last modified 21.11.2024 04:10:09

Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process.

8.8

CVE-2018-6151

  • EPSS 0.68%
  • Published 09.01.2019 19:29:10
  • Last modified 21.11.2024 04:10:10

Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.

8.8

CVE-2018-6153

  • EPSS 1.66%
  • Published 09.01.2019 19:29:10
  • Last modified 21.11.2024 04:10:10

A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.