Vulnerabilities > Redhat > Enterprise Linux AUS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-06 | CVE-2018-13405 | Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. | 7.8 |
| 2018-06-11 | CVE-2017-7824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. | 7.5 |
| 2018-06-11 | CVE-2016-9901 | Improper Input Validation vulnerability in multiple products HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. | 7.5 |
| 2017-08-19 | CVE-2017-10661 | Use After Free vulnerability in multiple products Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. | 7.0 |
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |