Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Workstation Subscriptions
Total 1849 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-7726 3 Canonical, Redhat, Zziplib Project 6 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
CVE-2018-7725 3 Canonical, Redhat, Zziplib Project 6 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
CVE-2018-7642 2 Gnu, Redhat 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.
CVE-2018-7643 2 Gnu, Redhat 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.
CVE-2018-7568 2 Gnu, Redhat 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm.
CVE-2018-7566 6 Canonical, Debian, Linux and 3 more 16 Ubuntu Linux, Debian Linux, Linux Kernel and 13 more 2024-08-05 N/A
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2018-7550 4 Canonical, Debian, Qemu and 1 more 11 Ubuntu Linux, Debian Linux, Qemu and 8 more 2024-08-05 8.8 High
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
CVE-2018-7569 2 Gnu, Redhat 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
CVE-2018-7549 3 Canonical, Redhat, Zsh 6 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
CVE-2018-7225 4 Canonical, Debian, Libvncserver Project and 1 more 10 Ubuntu Linux, Debian Linux, Libvncserver and 7 more 2024-08-05 N/A
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
CVE-2018-7208 2 Gnu, Redhat 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.
CVE-2018-6927 4 Canonical, Debian, Linux and 1 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-08-05 N/A
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
CVE-2018-6871 4 Canonical, Debian, Libreoffice and 1 more 10 Ubuntu Linux, Debian Linux, Libreoffice and 7 more 2024-08-05 N/A
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
CVE-2018-6798 4 Canonical, Debian, Perl and 1 more 6 Ubuntu Linux, Debian Linux, Perl and 3 more 2024-08-05 N/A
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.
CVE-2018-6797 4 Canonical, Debian, Perl and 1 more 6 Ubuntu Linux, Debian Linux, Perl and 3 more 2024-08-05 N/A
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.
CVE-2018-6764 3 Canonical, Debian, Redhat 8 Ubuntu Linux, Debian Linux, Enterprise Linux and 5 more 2024-08-05 N/A
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
CVE-2018-6560 2 Flatpak, Redhat 8 Flatpak, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-08-05 N/A
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
CVE-2018-6485 4 Gnu, Netapp, Oracle and 1 more 16 Glibc, Cloud Backup, Data Ontap Edge and 13 more 2024-08-05 N/A
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
CVE-2018-6152 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
CVE-2018-6179 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.