Filtered by vendor Redhat
Subscriptions
Total
23177 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-6035 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. | ||||
| CVE-2018-6034 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
| CVE-2018-6033 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. | ||||
| CVE-2018-6032 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. | ||||
| CVE-2018-6031 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2018-5968 | 4 Debian, Fasterxml, Netapp and 1 more | 12 Debian Linux, Jackson-databind, E-series Santricity Os Controller and 9 more | 2024-11-21 | 8.1 High |
| FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist. | ||||
| CVE-2018-5950 | 4 Canonical, Debian, Gnu and 1 more | 10 Ubuntu Linux, Debian Linux, Mailman and 7 more | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. | ||||
| CVE-2018-5848 | 3 Debian, Google, Redhat | 8 Debian Linux, Android, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | ||||
| CVE-2018-5819 | 3 Debian, Libraw, Redhat | 4 Debian Linux, Libraw, Ansible Tower and 1 more | 2024-11-21 | N/A |
| An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. | ||||
| CVE-2018-5818 | 3 Debian, Libraw, Redhat | 4 Debian Linux, Libraw, Ansible Tower and 1 more | 2024-11-21 | N/A |
| An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop. | ||||
| CVE-2018-5806 | 2 Libraw, Redhat | 5 Libraw, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | N/A |
| An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. | ||||
| CVE-2018-5805 | 2 Libraw, Redhat | 5 Libraw, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | N/A |
| A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash. | ||||
| CVE-2018-5803 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2024-11-21 | N/A |
| In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. | ||||
| CVE-2018-5802 | 4 Canonical, Debian, Libraw and 1 more | 7 Ubuntu Linux, Debian Linux, Libraw and 4 more | 2024-11-21 | 8.8 High |
| An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | ||||
| CVE-2018-5801 | 4 Canonical, Debian, Libraw and 1 more | 7 Ubuntu Linux, Debian Linux, Libraw and 4 more | 2024-11-21 | N/A |
| An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. | ||||
| CVE-2018-5800 | 4 Canonical, Debian, Libraw and 1 more | 7 Ubuntu Linux, Debian Linux, Libraw and 4 more | 2024-11-21 | 6.5 Medium |
| An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. | ||||
| CVE-2018-5785 | 4 Canonical, Debian, Redhat and 1 more | 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more | 2024-11-21 | 6.5 Medium |
| In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | ||||
| CVE-2018-5750 | 4 Canonical, Debian, Linux and 1 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-11-21 | N/A |
| The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. | ||||
| CVE-2018-5748 | 2 Debian, Redhat | 10 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 7 more | 2024-11-21 | N/A |
| qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. | ||||
| CVE-2018-5745 | 2 Isc, Redhat | 2 Bind, Enterprise Linux | 2024-11-21 | 4.9 Medium |
| "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745. | ||||