Lucene search

K
RedhatEnterprise Linux Desktop

1928 matches found

CVE
CVE
added 2018/04/29 3:29 p.m.169 views

CVE-2018-10534

The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so tha...

5.5CVSS6.1AI score0.00192EPSS
CVE
CVE
added 2018/04/11 7:29 p.m.169 views

CVE-2018-1100

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

7.8CVSS7.9AI score0.00188EPSS
CVE
CVE
added 2018/07/01 4:29 p.m.169 views

CVE-2018-13033

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in ...

5.5CVSS5.8AI score0.01475EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.169 views

CVE-2019-13755

Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.

4.3CVSS4.9AI score0.01851EPSS
CVE
CVE
added 2019/02/03 3:29 a.m.169 views

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocair...

7.8CVSS8AI score0.00267EPSS
CVE
CVE
added 2017/07/21 2:29 p.m.168 views

CVE-2015-5195

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

7.5CVSS7.2AI score0.10401EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.168 views

CVE-2016-0695

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

5.9CVSS6.6AI score0.02034EPSS
CVE
CVE
added 2016/08/02 4:59 p.m.168 views

CVE-2016-5403

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

5.5CVSS5.9AI score0.00066EPSS
CVE
CVE
added 2017/04/19 2:59 p.m.168 views

CVE-2016-5410

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.

5.5CVSS5.3AI score0.0006EPSS
CVE
CVE
added 2018/04/25 9:29 a.m.168 views

CVE-2018-10373

concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.

6.5CVSS6.3AI score0.00833EPSS
CVE
CVE
added 2018/05/01 4:29 p.m.168 views

CVE-2018-10583

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt X...

7.5CVSS6.4AI score0.72646EPSS
CVE
CVE
added 2018/03/22 4:29 a.m.168 views

CVE-2018-8905

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

8.8CVSS8.6AI score0.00889EPSS
CVE
CVE
added 2020/02/11 3:15 p.m.168 views

CVE-2020-6391

Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.

4.3CVSS4.8AI score0.01736EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.167 views

CVE-2018-12389

Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 6...

8.8CVSS8.4AI score0.01143EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.167 views

CVE-2018-5125

Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, a...

8.8CVSS9.7AI score0.01103EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.166 views

CVE-2017-10105

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

4.3CVSS4.4AI score0.00393EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.166 views

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbir...

9.8CVSS8.3AI score0.02412EPSS
CVE
CVE
added 2017/06/22 9:29 p.m.166 views

CVE-2017-9776

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

7.8CVSS7AI score0.01248EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.166 views

CVE-2018-12397

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vul...

7.1CVSS6.8AI score0.00085EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.165 views

CVE-2012-5829

Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.

9.3CVSS9.2AI score0.06844EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.165 views

CVE-2016-9895

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird

6.1CVSS7AI score0.00709EPSS
CVE
CVE
added 2017/08/31 8:29 p.m.165 views

CVE-2017-0900

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command.

7.5CVSS8AI score0.12221EPSS
CVE
CVE
added 2017/11/04 6:29 p.m.165 views

CVE-2017-16541

Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.

6.5CVSS5.5AI score0.04969EPSS
Web
CVE
CVE
added 2018/04/16 9:58 a.m.165 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted do...

7.8CVSS8AI score0.00185EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.165 views

CVE-2018-12395

By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox

7.5CVSS7AI score0.01851EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.165 views

CVE-2019-13746

Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5CVSS6.1AI score0.01851EPSS
CVE
CVE
added 2020/02/11 3:15 p.m.165 views

CVE-2020-6402

Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.

8.8CVSS8.4AI score0.02584EPSS
CVE
CVE
added 2012/10/03 9:55 p.m.164 views

CVE-2012-3489

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that...

6.5CVSS6.1AI score0.01042EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.164 views

CVE-2016-9898

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird

9.8CVSS8.9AI score0.0274EPSS
CVE
CVE
added 2017/08/31 8:29 p.m.164 views

CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.

9.8CVSS8.4AI score0.09672EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.164 views

CVE-2017-3600

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple p...

6.6CVSS6.1AI score
CVE
CVE
added 2018/06/11 9:29 p.m.164 views

CVE-2017-7798

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 an...

8.8CVSS8.1AI score0.0292EPSS
CVE
CVE
added 2018/03/28 1:29 p.m.164 views

CVE-2018-1083

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned...

7.8CVSS6.7AI score0.00119EPSS
CVE
CVE
added 2012/06/16 9:55 p.m.163 views

CVE-2012-1717

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.

2.1CVSS7.6AI score0.00155EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.163 views

CVE-2012-4186

Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

9.3CVSS9.6AI score0.55611EPSS
CVE
CVE
added 2015/11/24 8:59 p.m.163 views

CVE-2015-7981

The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.

5CVSS7.9AI score0.00786EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.163 views

CVE-2016-1839

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.4AI score0.10773EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.163 views

CVE-2017-5439

A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox

9.8CVSS8.3AI score0.02016EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.163 views

CVE-2017-7792

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox

9.8CVSS8.4AI score0.07722EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.163 views

CVE-2017-7801

A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and...

9.8CVSS8.3AI score0.0244EPSS
CVE
CVE
added 2018/08/27 5:29 p.m.163 views

CVE-2018-15909

In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.

7.8CVSS6.6AI score0.02274EPSS
CVE
CVE
added 2018/10/15 4:29 p.m.163 views

CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.

6.3CVSS6.4AI score0.00189EPSS
CVE
CVE
added 2019/01/01 4:29 p.m.163 views

CVE-2018-20650

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.

6.5CVSS6.5AI score0.00413EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.163 views

CVE-2021-4091

A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.

7.5CVSS7.1AI score0.00177EPSS
CVE
CVE
added 2011/12/15 3:57 a.m.162 views

CVE-2011-4517

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a cra...

6.8CVSS5AI score0.4213EPSS
CVE
CVE
added 2017/08/07 8:29 p.m.162 views

CVE-2015-7692

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5CVSS7.9AI score0.10156EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.162 views

CVE-2017-5438

A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox

9.8CVSS8.3AI score0.02016EPSS
CVE
CVE
added 2017/07/21 2:29 p.m.161 views

CVE-2015-5194

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

7.5CVSS7.1AI score0.11834EPSS
CVE
CVE
added 2016/12/22 9:59 p.m.161 views

CVE-2016-7091

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to...

4.9CVSS4.1AI score0.0008EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.161 views

CVE-2016-9901

HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Fire...

9.8CVSS8.8AI score0.02137EPSS
Total number of security vulnerabilities1928