Vulnerabilities > Redhat > Enterprise Linux Server AUS

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5096 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5095 Use of Uninitialized Resource vulnerability in multiple products
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM.
network
low complexity
debian redhat mozilla canonical CWE-908
critical
 9.8
9.8
2018-06-11 CVE-2018-5091 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2017-7848 Injection vulnerability in multiple products
RSS fields can inject new lines into the created email structure, modifying the message body.
network
low complexity
mozilla redhat debian CWE-74
5.3
5.3
2018-06-11 CVE-2017-7846 Injection vulnerability in multiple products
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g.
network
low complexity
redhat debian mozilla CWE-74
8.8
8.8
2018-06-11 CVE-2017-7843 Information Exposure vulnerability in multiple products
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely.
network
low complexity
debian mozilla redhat CWE-200
7.5
7.5
2018-06-11 CVE-2017-7830 The Resource Timing API incorrectly revealed navigations in cross-origin iframes.
network
low complexity
debian mozilla redhat
6.5
6.5
2018-06-11 CVE-2017-7828 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use.
network
low complexity
debian redhat mozilla CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2017-7826 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4.
network
low complexity
debian redhat canonical mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2017-7823 Cross-site Scripting vulnerability in multiple products
The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified.
network
low complexity
redhat debian mozilla CWE-79
5.4
5.4