Vulnerabilities > Redhat > Enterprise Linux Server AUS > 7.6

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-11	CVE-2018-16865	An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. local low complexity systemd-project redhat debian canonical oracle	7.8
2019-01-11	CVE-2018-16864	An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. local low complexity systemd-project redhat debian canonical oracle	7.8
2019-01-11	CVE-2018-16866	An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. local low complexity systemd-project debian canonical netapp redhat	3.3
2019-01-11	CVE-2019-6133	Race Condition vulnerability in multiple products In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. local high complexity polkit-project debian redhat canonical CWE-362	6.7
2018-12-20	CVE-2018-19134	Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. local low complexity artifex debian redhat CWE-704	7.8
2018-12-19	CVE-2018-15127	Out-of-bounds Write vulnerability in multiple products LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution network low complexity libvnc-project canonical redhat debian CWE-787 critical	9.8
2018-12-12	CVE-2018-18397	Incorrect Authorization vulnerability in multiple products The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. local low complexity linux redhat canonical CWE-863	5.5
2018-12-11	CVE-2018-18356	Use After Free vulnerability in multiple products An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian canonical redhat opensuse CWE-416	8.8
2018-12-07	CVE-2018-18311	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190 critical	9.8
2018-12-06	CVE-2018-9568	Incorrect Type Conversion or Cast vulnerability in multiple products In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. local low complexity google canonical redhat linux CWE-704	7.8