Vulnerabilities > Redhat > Enterprise Linux Server > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-04 | CVE-2018-6152 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. | 9.6 |
2018-11-29 | CVE-2018-15981 | Incorrect Type Conversion or Cast vulnerability in multiple products Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. | 9.8 |
2018-11-29 | CVE-2018-8786 | Incorrect Conversion between Numeric Types vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. | 9.8 |
2018-11-29 | CVE-2018-8787 | Integer Overflow or Wraparound vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | 9.8 |
2018-11-21 | CVE-2018-19409 | An issue was discovered in Artifex Ghostscript before 9.26. | 9.8 |
2018-11-14 | CVE-2018-17472 | Improper Input Validation vulnerability in multiple products Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page. | 9.6 |
2018-11-08 | CVE-2018-19115 | Out-of-bounds Write vulnerability in multiple products keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap. | 9.8 |
2018-10-18 | CVE-2018-12376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. | 9.8 |
2018-10-18 | CVE-2018-12377 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. | 9.8 |
2018-10-18 | CVE-2018-12378 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. | 9.8 |