Vulnerabilities > Redhat > Enterprise Linux Server > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-04 CVE-2018-10911 A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values.
network
low complexity
gluster redhat debian opensuse
7.5
7.5
2018-09-04 CVE-2018-10907 It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'.
network
low complexity
gluster redhat debian opensuse
8.8
8.8
2018-09-04 CVE-2018-10904 It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator.
network
low complexity
gluster redhat debian opensuse
8.8
8.8
2018-08-29 CVE-2018-12827 Out-of-bounds Read vulnerability in multiple products
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability.
network
low complexity
adobe redhat CWE-125
7.5
7.5
2018-08-29 CVE-2018-12826 Out-of-bounds Read vulnerability in multiple products
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability.
network
low complexity
adobe redhat CWE-125
7.5
7.5
2018-08-28 CVE-2017-15399 Use After Free vulnerability in multiple products
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-416
8.8
8.8
2018-08-28 CVE-2017-15413 Incorrect Type Conversion or Cast vulnerability in multiple products
Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
redhat debian google CWE-704
8.8
8.8
2018-08-28 CVE-2017-15412 Use After Free vulnerability in multiple products
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
redhat debian google xmlsoft CWE-416
8.8
8.8
2018-08-28 CVE-2017-15411 Use After Free vulnerability in multiple products
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-416
8.8
8.8
2018-08-28 CVE-2017-15410 Use After Free vulnerability in multiple products
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-416
8.8
8.8