Vulnerabilities > Redhat > Enterprise Linux Desktop > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-25 | CVE-2018-6037 | Information Exposure vulnerability in multiple products Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page. | 6.5 |
2018-09-25 | CVE-2018-6036 | Improper Input Validation vulnerability in multiple products Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page. | 6.5 |
2018-09-25 | CVE-2018-6032 | Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. | 6.5 |
2018-09-25 | CVE-2018-15967 | Information Exposure vulnerability in multiple products Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. | 5.0 |
2018-09-17 | CVE-2017-15705 | Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. | 5.3 |
2018-09-14 | CVE-2018-14638 | Double Free vulnerability in multiple products A flaw was found in 389-ds-base before version 1.3.8.4-13. | 5.0 |
2018-09-05 | CVE-2018-16542 | Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | 5.5 |
2018-09-05 | CVE-2018-16541 | Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | 5.5 |
2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
2018-09-04 | CVE-2018-10911 | Deserialization of Untrusted Data vulnerability in multiple products A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. | 5.0 |