Enterprise Linux Workstation

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-16	CVE-2019-2449	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network high complexity oracle redhat netapp	3.1
2019-01-16	CVE-2019-2422	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp redhat debian opensuse hp	3.1
2019-01-14	CVE-2018-16886	Improper Authentication vulnerability in multiple products etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. network high complexity etcd redhat fedoraproject CWE-287	8.1
2019-01-11	CVE-2018-16865	An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. local low complexity systemd-project redhat debian canonical oracle	7.8
2019-01-11	CVE-2018-16864	An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. local low complexity systemd-project redhat debian canonical oracle	7.8
2019-01-11	CVE-2018-16866	An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. local low complexity systemd-project debian canonical netapp redhat	3.3
2019-01-11	CVE-2019-6133	Race Condition vulnerability in multiple products In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. local high complexity polkit-project debian redhat canonical CWE-362	6.7
2019-01-09	CVE-2018-6179	Information Exposure vulnerability in multiple products Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. network low complexity google debian redhat CWE-200	6.5
2019-01-09	CVE-2018-6178	Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension. network low complexity google debian redhat CWE-1021	4.3
2019-01-09	CVE-2018-6175	Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian redhat	6.5