Lucene search

K
RedhatEnterprise Linux Desktop6.0

360 matches found

CVE
CVE
added 2018/08/17 7:29 p.m.4794 views

CVE-2018-15473

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

5.3CVSS5.8AI score0.90473EPSS
CVE
CVE
added 2018/02/06 9:29 p.m.1427 views

CVE-2018-4878

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the w...

9.8CVSS8.8AI score0.93384EPSS
CVE
CVE
added 2018/11/14 3:29 p.m.1092 views

CVE-2018-17463

Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.8AI score0.91128EPSS
CVE
CVE
added 2018/12/11 4:29 p.m.1045 views

CVE-2018-17480

Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.7AI score0.30285EPSS
CVE
CVE
added 2018/11/14 3:29 p.m.1045 views

CVE-2018-6065

Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.5AI score0.88889EPSS
CVE
CVE
added 2018/07/09 7:29 p.m.971 views

CVE-2018-5002

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

10CVSS7.9AI score0.37375EPSS
CVE
CVE
added 2018/08/26 4:29 p.m.735 views

CVE-2011-2767

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permittin...

10CVSS9.5AI score0.06221EPSS
CVE
CVE
added 2018/05/22 12:29 p.m.724 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS
CVE
CVE
added 2018/07/26 5:29 p.m.697 views

CVE-2017-12171

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.

6.5CVSS6.6AI score0.01543EPSS
CVE
CVE
added 2018/09/06 9:29 p.m.636 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.01732EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.578 views

CVE-2018-13405

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigge...

7.8CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.546 views

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

7.5CVSS7.2AI score0.84964EPSS
CVE
CVE
added 2018/03/13 4:29 p.m.544 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.

4.3CVSS6.2AI score0.2411EPSS
CVE
CVE
added 2018/04/06 1:29 p.m.527 views

CVE-2018-1000156

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE...

7.8CVSS7.8AI score0.43395EPSS
CVE
CVE
added 2018/01/03 6:29 a.m.500 views

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in a...

10CVSS9.5AI score0.38093EPSS
CVE
CVE
added 2018/08/21 7:29 p.m.431 views

CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possi...

7.8CVSS6.3AI score0.0008EPSS
CVE
CVE
added 2018/10/08 3:29 p.m.423 views

CVE-2018-1000805

Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.

8.8CVSS8.5AI score0.00361EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.408 views

CVE-2018-3183

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network ...

9CVSS8.8AI score0.00226EPSS
CVE
CVE
added 2018/09/25 9:29 p.m.395 views

CVE-2018-14634

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerab...

7.8CVSS7.3AI score0.02971EPSS
CVE
CVE
added 2018/12/11 4:29 p.m.388 views

CVE-2018-18356

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.02245EPSS
CVE
CVE
added 2018/03/13 6:29 p.m.387 views

CVE-2018-7750

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demo...

9.8CVSS9.4AI score0.22204EPSS
CVE
CVE
added 2018/07/26 6:29 p.m.383 views

CVE-2017-12150

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

7.4CVSS6.5AI score0.17791EPSS
CVE
CVE
added 2018/07/26 4:29 p.m.381 views

CVE-2017-12163

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server...

7.1CVSS7AI score0.27333EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.361 views

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with netw...

5.3CVSS5.5AI score0.00105EPSS
CVE
CVE
added 2018/11/14 3:29 p.m.356 views

CVE-2018-17466

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS7.1AI score0.00898EPSS
CVE
CVE
added 2018/05/17 4:29 p.m.348 views

CVE-2018-1111

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw t...

7.9CVSS7.9AI score0.88259EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.344 views

CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

6.8CVSS5.8AI score0.00087EPSS
CVE
CVE
added 2018/05/16 5:29 p.m.325 views

CVE-2018-11212

An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.

6.5CVSS6.2AI score0.00426EPSS
CVE
CVE
added 2018/12/11 4:29 p.m.324 views

CVE-2018-18335

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.01839EPSS
CVE
CVE
added 2018/06/21 8:29 p.m.321 views

CVE-2018-3665

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

5.6CVSS6AI score0.01319EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.319 views

CVE-2016-9905

A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.

8.8CVSS8.7AI score0.01236EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.318 views

CVE-2018-2952

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated at...

4.3CVSS4AI score0.00042EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.314 views

CVE-2018-3139

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mu...

3.1CVSS3.9AI score0.00134EPSS
CVE
CVE
added 2018/08/01 5:29 p.m.301 views

CVE-2018-10897

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversa...

9.3CVSS7.8AI score0.0275EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.299 views

CVE-2018-3169

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

8.3CVSS8.6AI score0.00273EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.298 views

CVE-2018-5146

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.

8.8CVSS7AI score0.26243EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.296 views

CVE-2018-3149

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

8.3CVSS8.6AI score0.00166EPSS
CVE
CVE
added 2018/05/23 1:29 p.m.293 views

CVE-2018-1124

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution...

7.8CVSS8.3AI score0.0028EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.282 views

CVE-2018-2582

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

6.5CVSS5.5AI score0.00295EPSS
CVE
CVE
added 2018/06/08 9:29 p.m.279 views

CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent ...

7.5CVSS7.8AI score0.01522EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.274 views

CVE-2018-3136

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mult...

3.4CVSS4.7AI score0.00165EPSS
CVE
CVE
added 2018/07/10 9:29 p.m.270 views

CVE-2018-3693

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

5.6CVSS6.3AI score0.01192EPSS
CVE
CVE
added 2018/07/09 1:29 p.m.265 views

CVE-2018-13785

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

6.5CVSS7.7AI score0.02195EPSS
CVE
CVE
added 2018/03/30 9:29 p.m.256 views

CVE-2018-7566

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

7.8CVSS6.9AI score0.00034EPSS
CVE
CVE
added 2018/08/28 7:29 p.m.255 views

CVE-2017-15412

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS7AI score0.03481EPSS
CVE
CVE
added 2018/09/05 6:29 a.m.252 views

CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

9.3CVSS7.2AI score0.92178EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.240 views

CVE-2018-14362

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.

9.8CVSS9.1AI score0.05396EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.237 views

CVE-2018-2799

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network ...

5.3CVSS5AI score0.0014EPSS
CVE
CVE
added 2018/08/28 7:29 p.m.235 views

CVE-2017-15422

Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

6.5CVSS7AI score0.0108EPSS
CVE
CVE
added 2018/09/04 12:29 a.m.234 views

CVE-2018-16435

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

5.5CVSS5.7AI score0.00488EPSS
Total number of security vulnerabilities360