Filtered by vendor Redhat
Subscriptions
Total
23201 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13676 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | ||||
| CVE-2019-13675 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page. | ||||
| CVE-2019-13674 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | ||||
| CVE-2019-13673 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 7.4 High |
| Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2019-13671 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page. | ||||
| CVE-2019-13670 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 6.5 Medium |
| Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-13669 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | ||||
| CVE-2019-13668 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 7.4 High |
| Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2019-13667 | 3 Apple, Google, Redhat | 3 Iphone Os, Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | ||||
| CVE-2019-13666 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 7.4 High |
| Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2019-13665 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 6.5 Medium |
| Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page. | ||||
| CVE-2019-13664 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 6.5 Medium |
| Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | ||||
| CVE-2019-13663 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | ||||
| CVE-2019-13662 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 6.5 Medium |
| Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | ||||
| CVE-2019-13661 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page. | ||||
| CVE-2019-13660 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 5.3 Medium |
| UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page. | ||||
| CVE-2019-13659 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 4.3 Medium |
| IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | ||||
| CVE-2019-13648 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-11-21 | 5.5 Medium |
| In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c. | ||||
| CVE-2019-13638 | 3 Debian, Gnu, Redhat | 7 Debian Linux, Patch, Enterprise Linux and 4 more | 2024-11-21 | N/A |
| GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. | ||||
| CVE-2019-13636 | 2 Gnu, Redhat | 2 Patch, Enterprise Linux | 2024-11-21 | N/A |
| In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. | ||||