Enterprise Linux Server Supplementary Eus Security Vulnerabilities and Issues — Enterprise Linux Server Supplementary Eus CVE List

Lucene search

RedhatEnterprise Linux Server Supplementary Eus

11 matches found

CVE•added 2016/05/05 6:59 p.m.•1044 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

5.8CVSS6.3AI score0.88973EPSS

CVE•added 2016/05/05 6:59 p.m.•1040 views

CVE-2016-3718

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

5.5CVSS6.7AI score0.87335EPSS

CVE•added 2016/05/05 6:59 p.m.•133 views

CVE-2016-3716

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

4.3CVSS5.4AI score0.21326EPSS

CVE•added 2016/05/05 6:59 p.m.•126 views

CVE-2016-3717

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

7.1CVSS6.2AI score0.2075EPSS

CVE•added 2016/05/14 9:59 p.m.•92 views

CVE-2016-1663

The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service...

8.8CVSS9.1AI score0.01554EPSS

CVE•added 2016/05/14 9:59 p.m.•79 views

CVE-2016-1661

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a cr...

8.3CVSS8.6AI score0.01187EPSS

CVE•added 2016/05/14 9:59 p.m.•76 views

CVE-2016-1660

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.

8.8CVSS9.1AI score0.01358EPSS

CVE•added 2016/05/14 9:59 p.m.•75 views

CVE-2016-1662

extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.

10CVSS9.2AI score0.15804EPSS

CVE•added 2016/05/14 9:59 p.m.•75 views

CVE-2016-1665

The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.

6.5CVSS7AI score0.01525EPSS

CVE•added 2016/05/14 9:59 p.m.•75 views

CVE-2016-1666

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

9.8CVSS9.2AI score0.00652EPSS

CVE•added 2016/05/14 9:59 p.m.•66 views

CVE-2016-1664

The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site...

4.3CVSS5.6AI score0.00945EPSS