Vulnerabilities > Redhat > Enterprise Linux Server AUS > 7.4

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-26	CVE-2017-18344	Out-of-bounds Read vulnerability in multiple products The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). local low complexity linux canonical redhat CWE-125	5.5
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-03	CVE-2017-2615	Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. network low complexity qemu redhat citrix debian xen critical	9.1
2018-06-11	CVE-2018-5146	Out-of-bounds Write vulnerability in multiple products An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. network low complexity redhat debian canonical mozilla CWE-787	8.8
2018-06-11	CVE-2018-5145	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox ESR 52.6. network low complexity debian redhat mozilla canonical CWE-119 critical	9.8
2018-06-11	CVE-2018-5144	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. network low complexity redhat debian canonical mozilla CWE-190	7.3
2018-06-11	CVE-2018-5131	Information Exposure vulnerability in multiple products Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. network high complexity debian mozilla redhat canonical CWE-200	5.9
2018-06-11	CVE-2018-5130	Improper Input Validation vulnerability in multiple products When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. network low complexity debian redhat canonical mozilla CWE-20	8.8
2018-06-11	CVE-2018-5129	Out-of-bounds Write vulnerability in multiple products A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. network low complexity debian mozilla redhat canonical CWE-787	8.6
2018-06-11	CVE-2018-5127	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. network low complexity redhat debian canonical mozilla CWE-119	8.8