ReportizFlow
Filtered by vendor Redhat
Subscriptions
Total
22995 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18342 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | ||||
| CVE-2018-18341 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18340 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18339 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18338 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18337 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18336 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2018-18335 | 4 Debian, Google, Opensuse and 1 more | 7 Debian Linux, Chrome, Leap and 4 more | 2024-11-21 | N/A |
| Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18314 | 5 Canonical, Debian, Netapp and 2 more | 9 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 6 more | 2024-11-21 | N/A |
| Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18313 | 6 Apple, Canonical, Debian and 3 more | 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more | 2024-11-21 | N/A |
| Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | ||||
| CVE-2018-18312 | 5 Canonical, Debian, Netapp and 2 more | 9 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 6 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 23 Mac Os X, Ubuntu Linux, Debian Linux and 20 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18310 | 5 Canonical, Debian, Elfutils Project and 2 more | 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more | 2024-11-21 | 5.5 Medium |
| An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes. | ||||
| CVE-2018-18284 | 5 Artifex, Canonical, Debian and 2 more | 12 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 9 more | 2024-11-21 | N/A |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | ||||
| CVE-2018-18281 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | N/A |
| Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19. | ||||
| CVE-2018-18074 | 4 Canonical, Opensuse, Python and 1 more | 8 Ubuntu Linux, Leap, Requests and 5 more | 2024-11-21 | 7.5 High |
| The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | ||||
| CVE-2018-18073 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2024-11-21 | 6.3 Medium |
| Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. | ||||
| CVE-2018-18024 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | ||||
| CVE-2018-18021 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | N/A |
| arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes. | ||||
| CVE-2018-18016 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. | ||||