Redhat

Enterprise Linux Workstation

1845 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2018-16071

  • EPSS 19.89%
  • Published 09.01.2019 19:29:01
  • Last modified 21.11.2024 03:52:02

A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

8.8

CVE-2018-16076

  • EPSS 0.61%
  • Published 09.01.2019 19:29:01
  • Last modified 21.11.2024 03:52:03

Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.

8.8

CVE-2016-9651

  • EPSS 53.95%
  • Published 09.01.2019 19:29:00
  • Last modified 21.11.2024 03:01:34

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

5.3

CVE-2018-16876

  • EPSS 1.03%
  • Published 03.01.2019 15:29:01
  • Last modified 21.11.2024 03:53:30

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.

6.5

CVE-2018-20662

  • EPSS 0.46%
  • Published 03.01.2019 13:29:00
  • Last modified 21.11.2024 04:01:57

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is m...

6.5

CVE-2018-20650

  • EPSS 0.36%
  • Published 01.01.2019 16:29:00
  • Last modified 21.11.2024 04:01:56

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.

7.8

CVE-2018-19134

Exploit
  • EPSS 1.36%
  • Published 20.12.2018 23:29:00
  • Last modified 21.11.2024 03:57:23

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscri...

7.8

CVE-2018-1000876

Exploit
  • EPSS 0.13%
  • Published 20.12.2018 17:29:01
  • Last modified 21.11.2024 03:40:33

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows executi...

8.8

CVE-2018-1000877

  • EPSS 4.17%
  • Published 20.12.2018 17:29:01
  • Last modified 21.11.2024 03:40:33

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, ...

8.8

CVE-2018-1000878

  • EPSS 4.71%
  • Published 20.12.2018 17:29:01
  • Last modified 21.11.2024 03:40:33

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is un...