Vulnerabilities > Redhat > Enterprise Linux Server

DATE CVE VULNERABILITY TITLE RISK
2020-02-11 CVE-2020-6385 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
8.8
2020-02-11 CVE-2020-6382 Type Confusion vulnerability in multiple products
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2020-02-11 CVE-2020-6381 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2020-02-07 CVE-2019-15605 HTTP Request Smuggling vulnerability in multiple products
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
network
low complexity
nodejs debian fedoraproject opensuse redhat oracle CWE-444
critical
9.8
2020-02-06 CVE-2013-4166 Information Exposure vulnerability in multiple products
The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information.
network
low complexity
gnome redhat CWE-200
7.5
2020-01-31 CVE-2014-8141 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2014-8140 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2014-8139 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2011-4088 Information Exposure vulnerability in multiple products
ABRT might allow attackers to obtain sensitive information from crash reports.
network
low complexity
abrt-project fedoraproject redhat CWE-200
7.5
2020-01-15 CVE-2020-2659 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking).
network
high complexity
oracle debian canonical netapp opensuse redhat
3.7