Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Desktop
Total 1947 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-6043 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page.
CVE-2018-6042 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-6041 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-6040 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page.
CVE-2018-6039 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.
CVE-2018-6038 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-6037 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.
CVE-2018-6036 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page.
CVE-2018-6035 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension.
CVE-2018-6034 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 5.8 MEDIUM 8.1 HIGH
Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-6033 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.
CVE-2018-6032 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page.
CVE-2018-6031 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2018-5950 4 Canonical, Debian, Gnu and 1 more 9 Ubuntu Linux, Debian Linux, Mailman and 6 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
CVE-2018-5848 3 Debian, Google, Redhat 6 Debian Linux, Android, Enterprise Linux Desktop and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-5806 2 Libraw, Redhat 4 Libraw, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5805 2 Libraw, Redhat 4 Libraw, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
CVE-2018-5803 3 Debian, Linux, Redhat 6 Debian Linux, Linux Kernel, Enterprise Linux Desktop and 3 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
CVE-2018-5802 4 Canonical, Debian, Libraw and 1 more 6 Ubuntu Linux, Debian Linux, Libraw and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVE-2018-5801 4 Canonical, Debian, Libraw and 1 more 6 Ubuntu Linux, Debian Linux, Libraw and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.