Vulnerabilities > Redhat > Enterprise Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-26 | CVE-2018-3760 | Information Exposure vulnerability in multiple products There is an information leak vulnerability in Sprockets. | 5.0 |
2018-06-21 | CVE-2018-3665 | Information Exposure vulnerability in multiple products System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. | 4.7 |
2018-06-11 | CVE-2018-5184 | Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. | 5.0 |
2018-06-11 | CVE-2018-5117 | If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. | 5.0 |
2018-06-11 | CVE-2017-7848 | Injection vulnerability in multiple products RSS fields can inject new lines into the created email structure, modifying the message body. | 5.0 |
2018-06-11 | CVE-2017-7807 | Improper Input Validation vulnerability in multiple products A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. | 5.8 |
2018-06-11 | CVE-2017-7798 | Code Injection vulnerability in multiple products The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. | 6.8 |
2018-06-11 | CVE-2017-7791 | Improper Input Validation vulnerability in multiple products On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. | 5.0 |
2018-06-11 | CVE-2017-7787 | Information Exposure vulnerability in multiple products Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. | 5.0 |
2018-06-11 | CVE-2017-7754 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. | 5.0 |