Redhat Enterprise Linux Workstation vulnerabilities
1,845 known vulnerabilities affecting redhat/enterprise_linux_workstation.
Total CVEs
1,845
CISA KEV
57
actively exploited
Public exploits
136
Exploited in wild
62
Severity breakdown
CRITICAL335HIGH699MEDIUM713LOW98
Vulnerabilities
Page 17 of 93
CVE-2018-17461HIGHCVSS 8.8v6.02019-01-09
CVE-2018-17461 [HIGH] CWE-125 CVE-2018-17461: An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to
An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
nvd
CVE-2018-6056HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6056 [HIGH] CWE-704 CVE-2018-6056: Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.16
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2018-6151HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6151 [HIGH] CWE-125 CVE-2018-6151: Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed a
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
nvd
CVE-2018-16076HIGHCVSS 8.8v6.02019-01-09
CVE-2018-16076 [HIGH] CWE-125 CVE-2018-16076: Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to p
Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
nvd
CVE-2018-17470HIGHCVSS 7.4v6.02019-01-09
CVE-2018-17470 [HIGH] CWE-119 CVE-2018-17470: A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who h
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2018-6106HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6106 [HIGH] CWE-19 CVE-2018-6106: An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.11
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
nvd
CVE-2018-6170HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6170 [HIGH] CWE-704 CVE-2018-6170: A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
nvd
CVE-2018-6139HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6139 [HIGH] CWE-20 CVE-2018-6139: Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.339
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
nvd
CVE-2018-16065HIGHCVSS 8.8v6.02019-01-09
CVE-2018-16065 [HIGH] CWE-416 CVE-2018-16065: A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.349
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2018-16083HIGHCVSS 8.8PoCv6.02019-01-09
CVE-2018-16083 [HIGH] CWE-125 CVE-2018-16083: An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
nvd
CVE-2018-17458HIGHCVSS 8.8v6.02019-01-09
CVE-2018-17458 [HIGH] CWE-129 CVE-2018-17458: An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2018-16081HIGHCVSS 7.4v6.02019-01-09
CVE-2018-16081 [HIGH] CWE-862 CVE-2018-16081: Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension.
nvd
CVE-2018-6140HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6140 [HIGH] CWE-20 CVE-2018-6140: Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
nvd
CVE-2018-6124HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6124 [HIGH] CWE-704 CVE-2018-6124: Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote a
Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
nvd
CVE-2018-16071HIGHCVSS 8.8PoCv6.02019-01-09
CVE-2018-16071 [HIGH] CWE-416 CVE-2018-16071: A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to poten
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
nvd
CVE-2018-6126HIGHCVSS 8.8PoCv6.02019-01-09
CVE-2018-6126 [HIGH] CWE-787 CVE-2018-6126: A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perfor
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
nvd
CVE-2018-6141HIGHCVSS 8.8v6.02019-01-09
CVE-2018-6141 [HIGH] CWE-125 CVE-2018-6141: Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a
Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page.
nvd
CVE-2018-6097MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6097 [MEDIUM] CWE-19 CVE-2018-6097: Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.335
Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.
nvd
CVE-2018-6110MEDIUMCVSS 5.4v6.02019-01-09
CVE-2018-6110 [MEDIUM] CWE-20 CVE-2018-6110: Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote atta
Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page.
nvd
CVE-2018-16078MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-16078 [MEDIUM] CWE-200 CVE-2018-16078: Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a
Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
nvd