Redhat Enterprise Linux Desktop vulnerabilities
1,928 known vulnerabilities affecting redhat/enterprise_linux_desktop.
Total CVEs
1,928
CISA KEV
56
actively exploited
Public exploits
141
Exploited in wild
61
Severity breakdown
CRITICAL345HIGH708MEDIUM756LOW119
Vulnerabilities
Page 16 of 97
CVE-2018-6162HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6162 [HIGH] CWE-502 CVE-2018-6162: Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote att
Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2018-6174HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6174 [HIGH] CWE-190 CVE-2018-6174: Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
nvd
CVE-2018-6120HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6120 [HIGH] CWE-190 CVE-2018-6120: An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
nvd
CVE-2018-17461HIGHCVSS 8.8v6.02019-01-09
CVE-2018-17461 [HIGH] CWE-125 CVE-2018-17461: An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to
An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
nvd
CVE-2018-6056HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6056 [HIGH] CWE-704 CVE-2018-6056: Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.16
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2018-6151HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6151 [HIGH] CWE-125 CVE-2018-6151: Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed a
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
nvd
CVE-2018-16076HIGHCVSS 8.8v6.02019-01-09
CVE-2018-16076 [HIGH] CWE-125 CVE-2018-16076: Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to p
Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
nvd
CVE-2018-17470HIGHCVSS 7.4v6.02019-01-09
CVE-2018-17470 [HIGH] CWE-119 CVE-2018-17470: A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who h
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2018-6106HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6106 [HIGH] CWE-19 CVE-2018-6106: An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.11
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
nvd
CVE-2018-6170HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6170 [HIGH] CWE-704 CVE-2018-6170: A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
nvd
CVE-2018-6139HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6139 [HIGH] CWE-20 CVE-2018-6139: Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.339
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
nvd
CVE-2018-16065HIGHCVSS 8.8v6.02019-01-09
CVE-2018-16065 [HIGH] CWE-416 CVE-2018-16065: A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.349
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2018-16083HIGHCVSS 8.8PoCv6.02019-01-09
CVE-2018-16083 [HIGH] CWE-125 CVE-2018-16083: An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
nvd
CVE-2018-17458HIGHCVSS 8.8v6.02019-01-09
CVE-2018-17458 [HIGH] CWE-129 CVE-2018-17458: An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2018-16081HIGHCVSS 7.4v6.02019-01-09
CVE-2018-16081 [HIGH] CWE-862 CVE-2018-16081: Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension.
nvd
CVE-2018-6140HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6140 [HIGH] CWE-20 CVE-2018-6140: Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
nvd
CVE-2018-6124HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6124 [HIGH] CWE-704 CVE-2018-6124: Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote a
Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
nvd
CVE-2018-16071HIGHCVSS 8.8PoCv6.02019-01-09
CVE-2018-16071 [HIGH] CWE-416 CVE-2018-16071: A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to poten
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
nvd
CVE-2018-6126HIGHCVSS 8.8PoCv6.02019-01-09
CVE-2018-6126 [HIGH] CWE-787 CVE-2018-6126: A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perfor
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
nvd
CVE-2018-6141HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6141 [HIGH] CWE-125 CVE-2018-6141: Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a
Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page.
nvd