Vulnerabilities > Redhat > Enterprise Linux Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-07-09 CVE-2018-5002 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability.
network
low complexity
adobe redhat CWE-787
critical
9.8
2018-07-05 CVE-2018-12910 Out-of-bounds Read vulnerability in multiple products
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
network
low complexity
gnome canonical debian redhat opensuse CWE-125
critical
9.8
2018-07-03 CVE-2017-2615 Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen
critical
9.1
2018-06-11 CVE-2016-9893 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Thunderbird 45.5.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8
2018-06-11 CVE-2016-9898 Use After Free vulnerability in multiple products
Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2016-9899 Use After Free vulnerability in multiple products
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2016-9901 Improper Input Validation vulnerability in multiple products
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection.
network
low complexity
redhat mozilla CWE-20
critical
9.8
2018-06-11 CVE-2017-5373 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6.
network
low complexity
mozilla debian redhat CWE-119
critical
9.8
2018-06-11 CVE-2017-5375 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.
network
low complexity
redhat mozilla debian CWE-119
critical
9.8
2018-06-11 CVE-2017-5376 Use After Free vulnerability in multiple products
Use-after-free while manipulating XSL in XSLT documents.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8