Vulnerabilities > Redhat > Enterprise Linux Server AUS

DATE CVE VULNERABILITY TITLE RISK
2019-02-28 CVE-2018-18498 Integer Overflow or Wraparound vulnerability in multiple products
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value.
network
low complexity
mozilla debian canonical redhat CWE-190
critical
9.8
2019-02-28 CVE-2018-18494 Origin Validation Error vulnerability in multiple products
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries().
network
low complexity
mozilla debian canonical redhat CWE-346
6.5
2019-02-28 CVE-2018-18493 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit.
network
low complexity
mozilla debian canonical redhat CWE-119
critical
9.8
2019-02-28 CVE-2018-18492 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection.
network
low complexity
mozilla debian canonical redhat CWE-416
critical
9.8
2019-02-28 CVE-2018-12405 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3.
network
low complexity
mozilla debian canonical redhat CWE-119
critical
9.8
2019-02-28 CVE-2018-12396 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events.
network
low complexity
mozilla debian canonical redhat CWE-732
6.5
2019-02-28 CVE-2018-12393 Integer Overflow or Wraparound vulnerability in multiple products
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion.
network
low complexity
mozilla debian canonical redhat CWE-190
7.5
2019-02-28 CVE-2018-12392 When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling.
network
low complexity
mozilla debian canonical redhat
critical
9.8
2019-02-28 CVE-2018-12390 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2.
network
low complexity
mozilla debian canonical redhat CWE-119
critical
9.8
2019-02-28 CVE-2018-12389 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2.
network
low complexity
mozilla debian canonical redhat CWE-119
8.8