Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Workstation Subscriptions
Total 1849 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-13739 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 6.5 Medium
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13738 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 6.5 Medium
Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2019-13737 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 6.5 Medium
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-13736 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-13735 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-13734 8 Canonical, Debian, Fedoraproject and 5 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2024-11-21 8.8 High
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13732 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13730 6 Debian, Fedoraproject, Google and 3 more 10 Debian Linux, Fedora, Chrome and 7 more 2024-11-21 8.8 High
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13729 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13728 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13727 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2019-13726 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2019-13725 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 8.8 High
Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2019-13723 4 Fedoraproject, Google, Opensuse and 1 more 7 Fedora, Chrome, Backports and 4 more 2024-11-21 8.8 High
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13616 6 Canonical, Debian, Fedoraproject and 3 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2024-11-21 8.1 High
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-11833 5 Canonical, Debian, Fedoraproject and 2 more 16 Ubuntu Linux, Debian Linux, Fedora and 13 more 2024-11-21 5.5 Medium
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
CVE-2019-11811 3 Linux, Opensuse, Redhat 15 Linux Kernel, Leap, Enterprise Linux and 12 more 2024-11-21 7.0 High
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
CVE-2019-11775 2 Eclipse, Redhat 8 Openj9, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 7.4 High
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems.
CVE-2019-11235 5 Canonical, Fedoraproject, Freeradius and 2 more 10 Ubuntu Linux, Fedora, Freeradius and 7 more 2024-11-21 N/A
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
CVE-2019-11135 9 Canonical, Debian, Fedoraproject and 6 more 312 Ubuntu Linux, Debian Linux, Fedora and 309 more 2024-11-21 6.5 Medium
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.