Enterprise Linux Server Tus Security Vulnerabilities and Issues — Enterprise Linux Server Tus CVE List

Lucene search

RedhatEnterprise Linux Server Tus

11 matches found

CVE•added 2018/11/15 9:29 p.m.•602 views

CVE-2018-5407

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

4.7CVSS5.6AI score0.00589EPSS

CVE•added 2018/11/14 3:29 p.m.•385 views

CVE-2018-17466

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS7.1AI score0.00881EPSS

CVE•added 2018/11/28 5:29 p.m.•349 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP ser...

7.5CVSS7.5AI score0.04357EPSS

CVE•added 2018/11/26 7:29 p.m.•263 views

CVE-2018-14646

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of serv...

5.5CVSS5.3AI score0.00043EPSS

CVE•added 2018/11/29 6:29 p.m.•210 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

9.8CVSS9.7AI score0.21915EPSS

CVE•added 2018/11/02 7:29 a.m.•209 views

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

6.5CVSS6.6AI score0.00197EPSS

CVE•added 2018/11/29 6:29 p.m.•189 views

CVE-2018-8787

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

9.8CVSS9.7AI score0.15999EPSS

CVE•added 2018/11/23 5:29 a.m.•182 views

CVE-2018-19475

psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.

7.8CVSS6.6AI score0.72315EPSS

CVE•added 2018/11/23 5:29 a.m.•176 views

CVE-2018-19477

psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.

7.8CVSS6.6AI score0.0072EPSS

CVE•added 2018/11/23 5:29 a.m.•168 views

CVE-2018-19476

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.

7.8CVSS6.6AI score0.0072EPSS

CVE•added 2018/11/08 8:29 p.m.•126 views

CVE-2018-19115

keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.

9.8CVSS9.8AI score0.06961EPSS