Vulnerabilities > Redhat > Enterprise Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-14618 | Integer Overflow or Wraparound vulnerability in multiple products curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. | 10.0 |
| 2018-08-26 | CVE-2011-2767 | Code Injection vulnerability in multiple products mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes. | 9.8 |
| 2018-07-27 | CVE-2017-15118 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. | 9.8 |
| 2018-06-11 | CVE-2016-9899 | Use After Free vulnerability in multiple products Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. | 9.8 |
| 2018-06-11 | CVE-2017-5432 | Use After Free vulnerability in multiple products A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. | 9.8 |
| 2018-06-11 | CVE-2017-5433 | Use After Free vulnerability in multiple products A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. | 9.8 |
| 2018-06-11 | CVE-2017-5435 | Use After Free vulnerability in multiple products A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. | 9.8 |
| 2018-06-11 | CVE-2017-5438 | Use After Free vulnerability in multiple products A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. | 9.8 |
| 2018-06-11 | CVE-2017-5439 | Use After Free vulnerability in multiple products A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. | 9.8 |
| 2018-06-11 | CVE-2017-5440 | Use After Free vulnerability in multiple products A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. | 9.8 |