Redhat Enterprise Linux Server vulnerabilities

1,891 known vulnerabilities affecting redhat/enterprise_linux_server.

Total CVEs
1,891
CISA KEV
58
actively exploited
Public exploits
128
Exploited in wild
63
Severity breakdown
CRITICAL347HIGH710MEDIUM734LOW100

Vulnerabilities

Page 6 of 95
CVE-2018-1311HIGHCVSS 8.1v6.0v7.02019-12-18
CVE-2018-1311 [HIGH] CWE-416 CVE-2018-1311: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the s The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using
nvd
CVE-2019-8535HIGHCVSS 8.8v7.02019-12-18
CVE-2019-8535 [HIGH] CWE-787 CVE-2019-8535: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8676HIGHCVSS 8.8v7.02019-12-18
CVE-2019-8676 [HIGH] CWE-787 CVE-2019-8676: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8684HIGHCVSS 8.8v7.02019-12-18
CVE-2019-8684 [HIGH] CWE-787 CVE-2019-8684: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-13725HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13725 [HIGH] CWE-416 CVE-2019-13725: Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to exec Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
nvd
CVE-2019-13730HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13730 [HIGH] CWE-787 CVE-2019-13730: Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to pot Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13734HIGHCVSS 8.8v6.0v7.02019-12-10
CVE-2019-13734 [HIGH] CWE-787 CVE-2019-13734: Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to po Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13736HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13736 [HIGH] CWE-190 CVE-2019-13736: Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to poten Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
nvd
CVE-2019-13735HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13735 [HIGH] CWE-787 CVE-2019-13735: Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker t Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2019-13747HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13747 [HIGH] CWE-787 CVE-2019-13747: Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote a Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13741HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13741 [HIGH] CWE-79 CVE-2019-13741: Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
nvd
CVE-2019-13727HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13727 [HIGH] CWE-281 CVE-2019-13727: Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remot Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
nvd
CVE-2019-13764HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13764 [HIGH] CWE-843 CVE-2019-13764: Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to pot Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13732HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13732 [HIGH] CWE-416 CVE-2019-13732: Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to poten Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13726HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13726 [HIGH] CWE-119 CVE-2019-13726: Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
nvd
CVE-2019-13729HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13729 [HIGH] CWE-416 CVE-2019-13729: Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to pot Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13728HIGHCVSS 8.8v6.02019-12-10
CVE-2019-13728 [HIGH] CWE-787 CVE-2019-13728: Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker t Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-13757MEDIUMCVSS 4.3v6.02019-12-10
CVE-2019-13757 [MEDIUM] CVE-2019-13757: Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2019-13763MEDIUMCVSS 4.3v6.02019-12-10
CVE-2019-13763 [MEDIUM] CVE-2019-13763: Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
nvd
CVE-2019-13759MEDIUMCVSS 4.3v6.02019-12-10
CVE-2019-13759 [MEDIUM] CVE-2019-13759: Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attac Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
← Previous6 / 95Next →
Redhat Enterprise Linux Server vulnerabilities | cvebase