Vulnerabilities > Redhat > Enterprise Linux Desktop > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-25 CVE-2018-6031 Use After Free vulnerability in multiple products
Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
2018-09-25 CVE-2018-15967 Information Exposure vulnerability in multiple products
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability.
network
low complexity
adobe redhat CWE-200
7.5
2018-09-25 CVE-2018-14647 Missing Initialization of Resource vulnerability in multiple products
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization.
7.5
2018-09-19 CVE-2018-17183 Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
local
low complexity
debian canonical artifex redhat
7.8
2018-09-17 CVE-2018-11781 Code Injection vulnerability in multiple products
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
local
low complexity
apache redhat debian canonical CWE-94
7.8
2018-09-14 CVE-2018-14638 Double Free vulnerability in multiple products
A flaw was found in 389-ds-base before version 1.3.8.4-13.
network
low complexity
fedoraproject redhat CWE-415
7.5
2018-09-10 CVE-2018-16802 An issue was discovered in Artifex Ghostscript before 9.25.
local
low complexity
artifex debian canonical redhat
7.8
2018-09-06 CVE-2018-5391 Improper Input Validation vulnerability in multiple products
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly.
7.5
2018-09-06 CVE-2018-14624 A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16.
network
low complexity
fedoraproject redhat debian
7.5
2018-09-05 CVE-2018-16540 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
local
low complexity
artifex redhat debian canonical CWE-416
7.8