Vulnerabilities > Redhat > Enterprise Linux Workstation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-1083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. | 7.8 |
| 2018-03-22 | CVE-2018-8905 | Out-of-bounds Write vulnerability in multiple products In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. | 8.8 |
| 2018-03-14 | CVE-2018-1000121 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service | 7.5 |
| 2018-03-07 | CVE-2018-1054 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. | 7.5 |
| 2018-03-02 | CVE-2018-7643 | Integer Overflow or Wraparound vulnerability in multiple products The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump. | 7.8 |
| 2018-03-01 | CVE-2017-15134 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. | 7.5 |
| 2018-03-01 | CVE-2018-7550 | Out-of-bounds Write vulnerability in multiple products The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | 8.8 |
| 2018-02-27 | CVE-2018-7549 | Improper Input Validation vulnerability in multiple products In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p. | 7.5 |
| 2018-02-23 | CVE-2018-6764 | Origin Validation Error vulnerability in multiple products util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. | 7.8 |
| 2018-02-18 | CVE-2018-7208 | Improper Input Validation vulnerability in multiple products In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. | 7.8 |