Vulnerabilities > Redhat > Enterprise Linux Workstation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2016-9840 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 8.8 |
| 2017-05-09 | CVE-2017-3074 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. | 8.8 |
| 2017-05-09 | CVE-2017-3073 | Use After Free vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. | 8.8 |
| 2017-05-09 | CVE-2017-3072 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. | 8.8 |
| 2017-05-09 | CVE-2017-3071 | Use After Free vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. | 8.8 |
| 2017-05-09 | CVE-2017-3070 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. | 8.8 |
| 2017-05-09 | CVE-2017-3069 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. | 8.8 |
| 2017-05-09 | CVE-2017-3068 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. | 8.8 |
| 2017-04-27 | CVE-2017-8291 | Type Confusion vulnerability in multiple products Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. | 7.8 |
| 2017-04-24 | CVE-2017-5043 | Use After Free vulnerability in multiple products Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. | 8.8 |