Redhat

Enterprise Linux Workstation

1845 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-5800

  • EPSS 1.68%
  • Veröffentlicht 07.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:25

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

6.5

CVE-2018-5801

  • EPSS 1.59%
  • Veröffentlicht 07.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:26

An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.

8.8

CVE-2018-5802

  • EPSS 0.61%
  • Veröffentlicht 07.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:26

An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8.8

CVE-2018-5805

  • EPSS 0.56%
  • Veröffentlicht 07.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:26

A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.

6.5

CVE-2018-5806

  • EPSS 0.53%
  • Veröffentlicht 07.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:26

An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.

9.8

CVE-2018-18311

  • EPSS 13.02%
  • Veröffentlicht 07.12.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:40

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

7.8

CVE-2018-9568

  • EPSS 0.47%
  • Veröffentlicht 06.12.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:15:43

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

9.6

CVE-2018-6152

  • EPSS 0.9%
  • Veröffentlicht 04.12.2018 17:29:02
  • Zuletzt bearbeitet 21.11.2024 04:10:10

The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to pote...

9.3

CVE-2018-16863

  • EPSS 0.08%
  • Veröffentlicht 03.12.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:28

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript d...

7.5

CVE-2018-15978

  • EPSS 2.14%
  • Veröffentlicht 29.11.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:50

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.