Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Workstation Subscriptions
Total 1849 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-6133 4 Canonical, Debian, Polkit Project and 1 more 12 Ubuntu Linux, Debian Linux, Polkit and 9 more 2024-11-21 N/A
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
CVE-2019-6116 6 Artifex, Canonical, Debian and 3 more 12 Ghostscript, Ubuntu Linux, Debian Linux and 9 more 2024-11-21 7.8 High
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
CVE-2019-5782 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-5781 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5780 5 Apple, Debian, Fedoraproject and 2 more 8 Macos, Debian Linux, Fedora and 5 more 2024-11-21 N/A
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
CVE-2019-5779 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-5778 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.
CVE-2019-5777 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5776 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5775 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5774 5 Debian, Fedoraproject, Google and 2 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 N/A
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.
CVE-2019-5773 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
CVE-2019-5772 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5771 3 Fedoraproject, Google, Redhat 6 Fedora, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2019-5770 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-5769 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5768 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
CVE-2019-5767 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Android and 5 more 2024-11-21 N/A
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.
CVE-2019-5766 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 N/A
Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5765 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Android and 5 more 2024-11-21 N/A
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.