Vulnerabilities > Redhat > Enterprise Linux Desktop > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-14 | CVE-2014-7844 | Injection vulnerability in multiple products BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. | 7.8 |
2020-01-13 | CVE-2020-6851 | Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. | 7.5 |
2020-01-10 | CVE-2020-6377 | Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-12-18 | CVE-2018-1311 | Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. | 8.1 |
2019-12-10 | CVE-2019-13764 | Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-12-10 | CVE-2019-13747 | Use of Uninitialized Resource vulnerability in multiple products Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-12-10 | CVE-2019-13741 | Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content. | 8.8 |
2019-12-10 | CVE-2019-13736 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
2019-12-10 | CVE-2019-13735 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
2019-12-10 | CVE-2019-13734 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |