Vulnerabilities > Redhat > Enterprise Linux Server EUS

DATE CVE VULNERABILITY TITLE RISK
2018-12-06 CVE-2018-9568 Incorrect Type Conversion or Cast vulnerability in multiple products
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion.
local
low complexity
google canonical redhat linux CWE-704
7.8
2018-12-03 CVE-2018-16863 It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509.
local
low complexity
artifex redhat
7.8
2018-11-29 CVE-2018-8786 Incorrect Conversion between Numeric Types vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
network
low complexity
freerdp canonical debian fedoraproject redhat CWE-681
critical
9.8
2018-11-26 CVE-2018-14646 NULL Pointer Dereference vulnerability in multiple products
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file.
local
low complexity
linux redhat CWE-476
5.5
2018-11-23 CVE-2018-19477 Incorrect Type Conversion or Cast vulnerability in multiple products
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
local
low complexity
artifex debian canonical redhat CWE-704
7.8
2018-11-23 CVE-2018-19476 Incorrect Type Conversion or Cast vulnerability in multiple products
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
local
low complexity
artifex debian canonical redhat CWE-704
7.8
2018-11-23 CVE-2018-19475 psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
local
low complexity
artifex debian canonical redhat
7.8
2018-11-21 CVE-2018-19409 An issue was discovered in Artifex Ghostscript before 9.26.
network
low complexity
artifex debian canonical redhat
critical
9.8
2018-11-15 CVE-2018-5407 Information Exposure Through Discrepancy vulnerability in multiple products
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
4.7
2018-11-14 CVE-2018-17466 Out-of-bounds Read vulnerability in multiple products
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google redhat debian canonical CWE-125
8.8