Vulnerabilities > Redhat > Enterprise Linux Workstation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-12 | CVE-2018-7858 | Out-of-bounds Read vulnerability in multiple products Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. | 5.5 |
| 2018-03-12 | CVE-2016-9600 | NULL Pointer Dereference vulnerability in multiple products JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. | 6.5 |
| 2018-03-12 | CVE-2014-8130 | Divide By Zero vulnerability in multiple products The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither. | 6.5 |
| 2018-03-09 | CVE-2016-9591 | Use After Free vulnerability in multiple products JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. | 5.5 |
| 2018-03-09 | CVE-2018-1071 | zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. | 5.5 |
| 2018-03-07 | CVE-2018-7740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call. | 5.5 |
| 2018-03-06 | CVE-2018-5729 | NULL Pointer Dereference vulnerability in multiple products MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. | 4.7 |
| 2018-03-06 | CVE-2018-7727 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. | 6.5 |
| 2018-03-06 | CVE-2018-7726 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. | 6.5 |
| 2018-03-06 | CVE-2018-7725 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. | 6.5 |