Vulnerabilities > Redhat > Enterprise Linux Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2016-9900 | 7PK - Security Features vulnerability in multiple products External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. | 7.5 |
| 2018-06-11 | CVE-2016-9897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. | 7.5 |
| 2018-06-11 | CVE-2016-9079 | Use After Free vulnerability in multiple products A use-after-free vulnerability in SVG Animation has been discovered. | 7.5 |
| 2018-06-08 | CVE-2018-12020 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. | 7.5 |
| 2018-05-30 | CVE-2018-11235 | Path Traversal vulnerability in multiple products In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. | 7.8 |
| 2018-05-23 | CVE-2018-1124 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. | 7.8 |
| 2018-05-18 | CVE-2018-11237 | Out-of-bounds Write vulnerability in multiple products An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. | 7.8 |
| 2018-05-17 | CVE-2018-1111 | DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. | 7.5 |
| 2018-05-15 | CVE-2018-1087 | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. | 7.8 |
| 2018-05-09 | CVE-2018-1089 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. | 7.5 |