Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2018-11-14 CVE-2018-17464 Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google redhat debian
4.3
4.3
2018-11-14 CVE-2018-17463 Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google redhat debian
8.8
8.8
2018-11-14 CVE-2018-17462 Use After Free vulnerability in multiple products
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
network
low complexity
google redhat debian CWE-416
critical
 9.6
9.6
2018-11-13 CVE-2018-14658 Open Redirect vulnerability in Redhat Keycloak 3.2.1
A flaw was found in JBOSS Keycloak 3.2.1.Final.
network
low complexity
redhat CWE-601
6.1
6.1
2018-11-13 CVE-2018-14657 Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final.
network
high complexity
redhat CWE-307
8.1
8.1
2018-11-13 CVE-2018-14655 Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final.
network
low complexity
redhat CWE-79
5.4
5.4
2018-11-13 CVE-2018-16850 SQL Injection vulnerability in multiple products
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ...
network
low complexity
postgresql redhat canonical CWE-89
critical
 9.8
9.8
2018-11-12 CVE-2018-19215 Out-of-bounds Read vulnerability in multiple products
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
local
low complexity
nasm redhat CWE-125
7.8
7.8
2018-11-12 CVE-2018-19214 Out-of-bounds Read vulnerability in multiple products
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
local
low complexity
nasm redhat CWE-125
7.8
7.8
2018-11-12 CVE-2018-19208 NULL Pointer Dereference vulnerability in multiple products
In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack.
network
low complexity
libwpd-project redhat suse CWE-476
6.5
6.5