Redhat

Enterprise Linux Server

1890 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2017-5066

  • EPSS 0.18%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certi...

6.5

CVE-2017-5067

  • EPSS 0.71%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

7.5

CVE-2017-5068

  • EPSS 0.42%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.

6.1

CVE-2017-5069

  • EPSS 0.52%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML p...

8.8

CVE-2017-5070

Warning Exploit
  • EPSS 76.56%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

6.8

CVE-2017-5071

  • EPSS 0.78%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8

CVE-2017-5073

  • EPSS 0.91%
  • Published 27.10.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

5.3

CVE-2017-15906

  • EPSS 2.76%
  • Published 26.10.2017 03:29:00
  • Last modified 20.04.2025 01:37:25

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

7.1

CVE-2017-12613

  • EPSS 0.29%
  • Published 24.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially r...

8.8

CVE-2017-11292

Warning
  • EPSS 11.15%
  • Published 22.10.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could le...