Vulnerabilities > Redhat > Enterprise Linux Server TUS > 7.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-6116 | In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. | 7.8 |
2019-03-14 | CVE-2019-3816 | Path Traversal vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. | 7.5 |
2019-02-28 | CVE-2018-18498 | Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. | 7.5 |
2019-02-28 | CVE-2018-18494 | Origin Validation Error vulnerability in Mozilla Firefox and Firefox ESR A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). | 4.3 |
2019-02-28 | CVE-2018-18493 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. | 7.5 |
2019-02-28 | CVE-2018-18492 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. | 7.5 |
2019-02-28 | CVE-2018-12405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. | 7.5 |
2019-02-28 | CVE-2018-12396 | Incorrect Permission Assignment for Critical Resource vulnerability in Mozilla Firefox and Firefox ESR A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. | 4.3 |
2019-02-28 | CVE-2018-12393 | Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. | 5.0 |
2019-02-28 | CVE-2018-12392 | Unspecified vulnerability in Mozilla Firefox and Firefox ESR When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. | 7.5 |