Vulnerabilities (CVE)

Vendor filter: Redhat

Product filter: Enterprise Linux Desktop

1110 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-2794 5 Oracle, Redhat, Hp and 2 more 13 Jdk, Jre, Jrockit and 10 more 2019-10-03 3.7
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated...
CVE-2018-2618 4 Oracle, Redhat, Canonical and 1 more 12 Jdk, Jre, Jrockit and 9 more 2019-10-03 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to...
CVE-2017-13080 7 W1.fi, Canonical, Debian and 4 more 12 Hostapd, Wpa Supplicant, Ubuntu Linux and 9 more 2019-10-03 2.9
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-1000116 3 Mercurial, Debian, Redhat 8 Mercurial, Debian Linux, Enterprise Linux Desktop and 5 more 2019-10-03 10.0
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
CVE-2018-5162 4 Mozilla, Canonical, Debian and 1 more 10 Thunderbird, Thunderbird Esr, Ubuntu Linux and 7 more 2019-10-03 5.0
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVE-2018-6165 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-10-03 4.3
Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2017-3600 3 Oracle, Debian, Redhat 8 Mysql, Debian Linux, Enterprise Linux Desktop and 5 more 2019-10-03 6.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high...
CVE-2018-6057 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-10-03 6.8
Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.
CVE-2017-3464 3 Oracle, Debian, Redhat 8 Mysql, Debian Linux, Enterprise Linux Desktop and 5 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low...
CVE-2018-1061 5 Python, Debian, Redhat and 2 more 8 Python, Debian Linux, Ansible Tower and 5 more 2019-10-03 5.0
Python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2017-1000111 3 Linux, Redhat, Debian 10 Linux Kernel, Enterprise Linux, Debian Linux and 7 more 2019-10-03 7.2
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with...
CVE-2017-13082 7 W1.fi, Canonical, Debian and 4 more 12 Hostapd, Wpa Supplicant, Ubuntu Linux and 9 more 2019-10-03 5.8
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay,...
CVE-2018-2800 6 Oracle, Redhat, Hp and 3 more 14 Jdk, Jre, Jrockit and 11 more 2019-10-03 4.0
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker...
CVE-2018-6070 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-10-03 4.3
Lack of CSP enforcement on WebUI pages in Blink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
CVE-2018-6560 2 Redhat, Flatpak 7 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 4 more 2019-10-03 4.6
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace...
CVE-2017-3533 3 Oracle, Redhat, Debian 12 Jrockit, Jre, Jdk and 9 more 2019-10-03 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to...
CVE-2018-16509 4 Artifex, Canonical, Debian and 1 more 8 Ghostscript, Ubuntu Linux, Debian Linux and 5 more 2019-10-03 9.3
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe"...
CVE-2018-18345 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-10-03 4.3
Incorrect handling of blob URLs in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page.
CVE-2018-15967 2 Adobe, Redhat 5 Flash Player, Flash Player Desktop Runtime, Enterprise Linux Desktop and 2 more 2019-10-03 5.0
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-3139 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux Desktop and 3 more 2019-10-03 2.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability...