Vulnerabilities > Redhat > Enterprise Linux Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-28 | CVE-2017-15408 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. | 8.8 |
| 2018-08-28 | CVE-2017-15407 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server. | 8.8 |
| 2018-08-28 | CVE-2018-15911 | Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15910 | Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15909 | Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | 7.8 |
| 2018-08-26 | CVE-2011-2767 | Code Injection vulnerability in multiple products mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes. | 9.8 |
| 2018-08-24 | CVE-2018-14599 | Off-by-one Error vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. | 9.8 |
| 2018-08-22 | CVE-2018-10858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. | 8.8 |
| 2018-08-22 | CVE-2018-1139 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. | 8.1 |