Red Hat Enterprise Linux Desktop vulnerabilities

1,928 known vulnerabilities affecting redhat/enterprise_linux_desktop.

Total CVEs: 1,928
CISA KEV: 56 (actively exploited)
Public exploits: 135
Exploited in wild: 61
Severity breakdown: CRITICAL 345, HIGH 708, MEDIUM 756, LOW 119

Vulnerabilities

CVE-2021-4091 | HIGH | CVSS 7.5 | v7 | 2022-02-18
CWE-415: A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
nvd
CVE-2020-25719 | HIGH | CVSS 7.2 | v7.0 | 2022-02-18
CWE-287: A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
nvd
CVE-2016-2124 | MEDIUM | CVSS 5.9 | v7.0 | 2022-02-18
CWE-287: A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
nvd
CVE-2021-4034 | HIGH | CVSS 7.8 | KEV | PoC | v7.0 | 2022-01-28
CWE-787: A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variabl
nvd
CVE-2020-27769 | LOW | CVSS 3.3 | v5.0, v6.0, +1 more | 2021-05-14
CWE-190: In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
nvd
CVE-2019-8835 | HIGH | CVSS 8.8 | v7.0 | 2020-10-27
CWE-787: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8844 | HIGH | CVSS 8.8 | v7.0 | 2020-10-27
CWE-787: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8846 | HIGH | CVSS 8.8 | v7.0 | 2020-10-27
CWE-416: A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2020-3864 | HIGH | CVSS 7.8 | v7.0 | 2020-10-27
CWE-346: A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.
nvd
CVE-2020-10531 | HIGH | CVSS 8.8 | v6.0 | 2020-03-12
CWE-190: An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
nvd
CVE-2020-6384 | HIGH | CVSS 8.8 | v6.0 | 2020-02-27
CWE-416: Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6418 | HIGH | CVSS 8.8 | KEV | PoC | v6.0 | 2020-02-27
CWE-843: Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6383 | HIGH | CVSS 8.8 | v6.0 | 2020-02-27
CWE-843: Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6386 | HIGH | CVSS 8.8 | v6.0 | 2020-02-27
CWE-416: Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-3757 | HIGH | CVSS 8.8 | v6.0 | 2020-02-13
CWE-843: Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2020-6402 | HIGH | CVSS 8.8 | v6.0 | 2020-02-11
CWE-20: Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
nvd
CVE-2020-6404 | HIGH | CVSS 8.8 | PoC | v6.0 | 2020-02-11
CWE-787: Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6381 | HIGH | CVSS 8.8 | v6.0 | 2020-02-11
CWE-190: Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6398 | HIGH | CVSS 8.8 | v6.0 | 2020-02-11
CWE-908: Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
nvd
CVE-2020-6416 | HIGH | CVSS 8.8 | v6.0 | 2020-02-11
CWE-20: Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd