Vulnerabilities > Redhat > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2018-10867 Files or Directories Accessible to External Parties vulnerability in Redhat Certification 7.0
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.
network
low complexity
redhat CWE-552
critical
9.1
2021-05-21 CVE-2018-25009 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16().
network
low complexity
webmproject redhat CWE-125
critical
9.1
2021-05-21 CVE-2018-25010 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().
network
low complexity
webmproject redhat CWE-125
critical
9.1
2021-05-21 CVE-2018-25011 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().
network
low complexity
webmproject redhat CWE-787
critical
9.8
2021-05-21 CVE-2018-25012 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24().
network
low complexity
webmproject redhat CWE-125
critical
9.1
2021-05-21 CVE-2018-25013 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes().
network
low complexity
webmproject redhat CWE-125
critical
9.1
2021-05-21 CVE-2018-25014 Use of Uninitialized Resource vulnerability in multiple products
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
network
low complexity
webmproject redhat CWE-908
critical
9.8
2021-05-21 CVE-2020-36328 Out-of-bounds Write vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-787
critical
9.8
2021-05-21 CVE-2020-36329 Use After Free vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-416
critical
9.8
2021-05-21 CVE-2020-36330 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject debian redhat netapp apple CWE-125
critical
9.1