Redhat

Enterprise Linux Desktop

1928 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2018-16863

  • EPSS 0.08%
  • Published 03.12.2018 17:29:00
  • Last modified 21.11.2024 03:53:28

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript d...

7.5

CVE-2018-15978

  • EPSS 2.14%
  • Published 29.11.2018 20:29:00
  • Last modified 21.11.2024 03:51:50

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

10

CVE-2018-15981

  • EPSS 30.67%
  • Published 29.11.2018 20:29:00
  • Last modified 21.11.2024 03:51:51

Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8

CVE-2018-8786

Exploit
  • EPSS 19.56%
  • Published 29.11.2018 18:29:00
  • Last modified 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

9.8

CVE-2018-8787

Exploit
  • EPSS 14.14%
  • Published 29.11.2018 18:29:00
  • Last modified 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

7.5

CVE-2018-12121

  • EPSS 4.28%
  • Published 28.11.2018 17:29:00
  • Last modified 27.12.2024 16:15:22

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of ...

5.5

CVE-2018-14646

  • EPSS 0.04%
  • Published 26.11.2018 19:29:00
  • Last modified 21.11.2024 03:49:29

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assi...

6.5

CVE-2018-19535

Exploit
  • EPSS 0.36%
  • Published 26.11.2018 02:29:00
  • Last modified 21.11.2024 03:58:06

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

7.8

CVE-2018-19475

Exploit
  • EPSS 66.26%
  • Published 23.11.2018 05:29:03
  • Last modified 21.11.2024 03:57:59

psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.

7.8

CVE-2018-19476

Exploit
  • EPSS 0.72%
  • Published 23.11.2018 05:29:03
  • Last modified 21.11.2024 03:57:59

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.