Enterprise Linux Server Supplementary Eus Security Vulnerabilities and Issues — Enterprise Linux Server Supplementary Eus CVE List

Lucene search

RedhatEnterprise Linux Server Supplementary Eus

9 matches found

CVE•added 2015/07/23 12:59 a.m.•90 views

CVE-2015-1270

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) o...

6.8CVSS9.3AI score0.01165EPSS

CVE•added 2016/05/14 9:59 p.m.•74 views

CVE-2016-1665

The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.

6.5CVSS7AI score0.01525EPSS

CVE•added 2015/07/23 12:59 a.m.•70 views

CVE-2015-1271

PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory ...

6.8CVSS9.4AI score0.02867EPSS

CVE•added 2015/07/23 12:59 a.m.•68 views

CVE-2015-1282

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2...

6.8CVSS9.6AI score0.02033EPSS

CVE•added 2015/07/23 12:59 a.m.•68 views

CVE-2015-1288

The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issu...

6.8CVSS9.5AI score0.00847EPSS

CVE•added 2015/07/23 12:59 a.m.•67 views

CVE-2015-1273

Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document.

6.8CVSS9.7AI score0.02695EPSS

CVE•added 2014/01/15 4:8 p.m.•65 views

CVE-2013-5904

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

6.8CVSS4.3AI score0.00957EPSS

CVE•added 2014/01/15 4:11 p.m.•59 views

CVE-2013-5870

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

6.8CVSS4.3AI score0.00978EPSS

CVE•added 2015/03/09 12:59 a.m.•57 views

CVE-2015-1220

Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in...

6.8CVSS6.8AI score0.03072EPSS