Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras
Subscriptions
Total
3425 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-4125 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more | 2024-08-06 | 8.8 High |
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
CVE-2016-4113 | 3 Adobe, Microsoft, Redhat | 4 Flash Player, Edge, Internet Explorer and 1 more | 2024-08-06 | N/A |
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | ||||
CVE-2016-4117 | 4 Adobe, Opensuse, Redhat and 1 more | 10 Flash Player, Evergreen, Opensuse and 7 more | 2024-08-06 | 9.8 Critical |
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016. | ||||
CVE-2016-4110 | 3 Adobe, Microsoft, Redhat | 4 Flash Player, Edge, Internet Explorer and 1 more | 2024-08-06 | N/A |
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | ||||
CVE-2016-3679 | 4 Canonical, Google, Opensuse and 1 more | 5 Ubuntu Linux, Chrome, V8 and 2 more | 2024-08-06 | N/A |
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2016-3598 | 2 Oracle, Redhat | 7 Jdk, Jre, Linux and 4 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. | ||||
CVE-2016-3511 | 2 Oracle, Redhat | 5 Jdk, Jre, Network Satellite and 2 more | 2024-08-05 | N/A |
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment. | ||||
CVE-2016-3426 | 2 Oracle, Redhat | 6 Jdk, Jre, Enterprise Linux and 3 more | 2024-08-05 | N/A |
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE. | ||||
CVE-2016-3427 | 8 Apache, Canonical, Debian and 5 more | 42 Cassandra, Ubuntu Linux, Debian Linux and 39 more | 2024-08-05 | 9.8 Critical |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||||
CVE-2016-3449 | 2 Oracle, Redhat | 5 Jdk, Jre, Network Satellite and 2 more | 2024-08-05 | N/A |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. | ||||
CVE-2016-3443 | 2 Oracle, Redhat | 5 Jdk, Jre, Network Satellite and 2 more | 2024-08-05 | N/A |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read. | ||||
CVE-2016-3422 | 2 Oracle, Redhat | 5 Jdk, Jre, Network Satellite and 2 more | 2024-08-05 | N/A |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. | ||||
CVE-2016-2844 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-05 | N/A |
WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and assertion failure) or possibly have unspecified other impact via crafted JavaScript code. | ||||
CVE-2016-2845 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-05 | N/A |
The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623.75, does not ignore a URL's path component in the case of a ServiceWorker fetch, which allows remote attackers to obtain sensitive information about visited web pages by reading CSP violation reports, related to FrameFetchContext.cpp and ResourceFetcher.cpp. | ||||
CVE-2016-2843 | 2 Google, Redhat | 3 Chrome, V8, Rhel Extras | 2024-08-05 | N/A |
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2016-2183 | 6 Cisco, Nodejs, Openssl and 3 more | 14 Content Security Management Appliance, Node.js, Openssl and 11 more | 2024-08-05 | 7.5 High |
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. | ||||
CVE-2016-2051 | 2 Google, Redhat | 6 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 3 more | 2024-08-05 | N/A |
Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2016-2052 | 3 Google, Harfbuzz Project, Redhat | 3 Chrome, Harfbuzz, Rhel Extras | 2024-08-05 | N/A |
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. | ||||
CVE-2016-1706 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-05 | N/A |
The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to broker_process_dispatcher.cc, ppapi_plugin_process_host.cc, ppapi_thread.cc, and render_frame_message_filter.cc. | ||||
CVE-2016-1710 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-05 | N/A |
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. |