Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Workstation Subscriptions
Total 1849 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-6040 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page.
CVE-2018-6037 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.
CVE-2018-6036 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-08-05 N/A
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page.
CVE-2018-5950 4 Canonical, Debian, Gnu and 1 more 10 Ubuntu Linux, Debian Linux, Mailman and 7 more 2024-08-05 6.1 Medium
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
CVE-2018-5803 3 Debian, Linux, Redhat 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more 2024-08-05 N/A
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
CVE-2018-5802 4 Canonical, Debian, Libraw and 1 more 7 Ubuntu Linux, Debian Linux, Libraw and 4 more 2024-08-05 8.8 High
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVE-2018-5801 4 Canonical, Debian, Libraw and 1 more 7 Ubuntu Linux, Debian Linux, Libraw and 4 more 2024-08-05 N/A
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5806 2 Libraw, Redhat 5 Libraw, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5800 4 Canonical, Debian, Libraw and 1 more 7 Ubuntu Linux, Debian Linux, Libraw and 4 more 2024-08-05 6.5 Medium
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVE-2018-5805 2 Libraw, Redhat 5 Libraw, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-08-05 N/A
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
CVE-2018-5748 2 Debian, Redhat 10 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 7 more 2024-08-05 N/A
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
CVE-2018-5729 4 Debian, Fedoraproject, Mit and 1 more 7 Debian Linux, Fedora, Kerberos 5 and 4 more 2024-08-05 4.7 Medium
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
CVE-2018-5730 4 Debian, Fedoraproject, Mit and 1 more 7 Debian Linux, Fedora, Kerberos 5 and 4 more 2024-08-05 3.8 Low
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
CVE-2018-5750 4 Canonical, Debian, Linux and 1 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-08-05 N/A
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
CVE-2018-5683 4 Canonical, Debian, Qemu and 1 more 11 Ubuntu Linux, Debian Linux, Qemu and 8 more 2024-08-05 6.0 Medium
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
CVE-2018-5390 8 A10networks, Canonical, Cisco and 5 more 47 Advanced Core Operating System, Ubuntu Linux, Collaboration Meeting Rooms and 44 more 2024-08-05 7.5 High
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
CVE-2018-5391 7 Canonical, Debian, F5 and 4 more 80 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 77 more 2024-08-05 7.5 High
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
CVE-2018-5407 7 Canonical, Debian, Nodejs and 4 more 23 Ubuntu Linux, Debian Linux, Node.js and 20 more 2024-08-05 4.7 Medium
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVE-2018-5344 3 Canonical, Linux, Redhat 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more 2024-08-05 N/A
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
CVE-2018-5345 5 Canonical, Debian, Fedoraproject and 2 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2024-08-05 N/A
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.