Vulnerabilities > Redhat > Enterprise Linux Server EUS > 7.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2018-5157 | Origin Validation Error vulnerability in multiple products Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. | 7.5 |
| 2018-06-11 | CVE-2018-5155 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. | 9.8 |
| 2018-06-11 | CVE-2018-5154 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. | 9.8 |
| 2018-06-11 | CVE-2018-5150 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. | 9.8 |
| 2018-06-11 | CVE-2018-5146 | Out-of-bounds Write vulnerability in multiple products An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. | 8.8 |
| 2018-06-11 | CVE-2018-5145 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox ESR 52.6. | 9.8 |
| 2018-06-08 | CVE-2018-12020 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. | 7.5 |
| 2018-05-02 | CVE-2018-10675 | Use After Free vulnerability in multiple products The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. | 7.8 |
| 2018-04-23 | CVE-2018-1106 | Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. | 5.5 |
| 2018-04-23 | CVE-2017-17833 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. | 9.8 |