Vulnerabilities > Redhat > Enterprise Linux Server

DATE CVE VULNERABILITY TITLE RISK
2020-10-27 CVE-2019-8846 Use After Free vulnerability in multiple products
A use after free issue was addressed with improved memory management.
network
low complexity
apple redhat CWE-416
8.8
2020-10-27 CVE-2019-8844 Out-of-bounds Write vulnerability in multiple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple redhat CWE-787
8.8
2020-10-27 CVE-2019-8835 Out-of-bounds Write vulnerability in multiple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple redhat CWE-787
8.8
2020-07-13 CVE-2020-14300 Improper Check for Dropped Privileges vulnerability in multiple products
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes.
local
low complexity
redhat docker CWE-273
8.8
2020-07-13 CVE-2020-14298 Improper Check for Dropped Privileges vulnerability in multiple products
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304.
local
low complexity
redhat docker CWE-273
8.8
2020-05-26 CVE-2020-10751 A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message.
local
low complexity
kernel redhat
6.1
2020-03-12 CVE-2020-10531 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1.
8.8
2020-02-27 CVE-2020-6418 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-843
8.8
2020-02-27 CVE-2020-6386 Use After Free vulnerability in multiple products
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-416
8.8
2020-02-27 CVE-2020-6384 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-416
8.8