Vulnerabilities > Redhat > High

DATE CVE VULNERABILITY TITLE RISK
2017-05-09 CVE-2017-3073 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3072 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3071 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3070 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3069 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3068 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-04-27 CVE-2017-8291 Type Confusion vulnerability in multiple products
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
local
low complexity
artifex debian redhat CWE-843
7.8
7.8
2017-04-24 CVE-2017-5043 Use After Free vulnerability in multiple products
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
network
low complexity
google redhat debian CWE-416
8.8
8.8
2017-04-24 CVE-2017-5039 Use After Free vulnerability in multiple products
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
local
low complexity
google debian redhat CWE-416
7.8
7.8
2017-04-24 CVE-2017-5037 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
local
low complexity
google debian redhat CWE-190
7.8
7.8