Vulnerabilities > Redhat > Enterprise Linux Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-5469 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-7779 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2.
network
low complexity
debian redhat mozilla CWE-119
critical
10.0
2018-06-11 CVE-2017-7786 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-7810 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3.
network
low complexity
debian redhat canonical mozilla CWE-119
critical
10.0
2018-06-11 CVE-2017-7826 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4.
network
low complexity
debian redhat canonical mozilla CWE-119
critical
10.0
2018-05-19 CVE-2018-4944 Incorrect Type Conversion or Cast vulnerability in multiple products
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability.
network
low complexity
adobe redhat CWE-704
critical
10.0
2018-05-18 CVE-2018-11236 Integer Overflow or Wraparound vulnerability in multiple products
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
network
low complexity
gnu redhat oracle netapp CWE-190
critical
9.8
2018-03-26 CVE-2018-1312 Improper Authentication vulnerability in multiple products
In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed.
network
low complexity
apache canonical debian netapp redhat CWE-287
critical
9.8
2018-03-23 CVE-2018-1000140 Out-of-bounds Write vulnerability in multiple products
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution.
network
low complexity
rsyslog debian canonical redhat CWE-787
critical
9.8
2018-03-20 CVE-2018-8088 org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.
network
low complexity
qos redhat oracle
critical
9.8