Redhat Enterprise Linux Workstation vulnerabilities
1,845 known vulnerabilities affecting redhat/enterprise_linux_workstation.
Total CVEs
1,845
CISA KEV
57
actively exploited
Public exploits
136
Exploited in wild
62
Severity breakdown
CRITICAL335HIGH699MEDIUM713LOW98
Vulnerabilities
Page 18 of 93
CVE-2018-6147MEDIUMCVSS 5.5v6.02019-01-09
CVE-2018-6147 [MEDIUM] CWE-200 CVE-2018-6147: Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process.
nvd
CVE-2018-6112MEDIUMCVSS 4.3v6.02019-01-09
CVE-2018-6112 [MEDIUM] CWE-706 CVE-2018-6112: Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2018-16067MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-16067 [MEDIUM] CWE-416 CVE-2018-16067: A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to pot
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2018-6164MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6164 [MEDIUM] CWE-200 CVE-2018-6164: Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a
Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2018-16082MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-16082 [MEDIUM] CWE-125 CVE-2018-16082: An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacke
An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
nvd
CVE-2018-6091MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6091 [MEDIUM] CWE-19 CVE-2018-6091: Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google
Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2018-6166MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6166 [MEDIUM] CVE-2018-6166: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-17459MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-17459 [MEDIUM] CVE-2018-17459: Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 all
Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
nvd
CVE-2018-6175MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6175 [MEDIUM] CVE-2018-6175: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-16084MEDIUMCVSS 6.1v6.02019-01-09
CVE-2018-16084 [MEDIUM] CWE-79 CVE-2018-16084: The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page.
nvd
CVE-2018-6163MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6163 [MEDIUM] CVE-2018-6163: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-6114MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6114 [MEDIUM] CWE-20 CVE-2018-6114: Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allo
Incorrect enforcement of CSP for tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.
nvd
CVE-2018-6178MEDIUMCVSS 4.3v6.02019-01-09
CVE-2018-6178 [MEDIUM] CWE-1021 CVE-2018-6178: Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.
nvd
CVE-2018-6169MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6169 [MEDIUM] CWE-20 CVE-2018-6169: Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 all
Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.
nvd
CVE-2018-6167MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6167 [MEDIUM] CVE-2018-6167: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-6113MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6113 [MEDIUM] CWE-20 CVE-2018-6113: Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.
Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
CVE-2018-6143MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6143 [MEDIUM] CWE-125 CVE-2018-6143: Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to pe
Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
nvd
CVE-2018-16066MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-16066 [MEDIUM] CWE-416 CVE-2018-16066: A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potent
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2018-6117MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6117 [MEDIUM] CWE-200 CVE-2018-6117: Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to
Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
nvd
CVE-2018-6096MEDIUMCVSS 6.5v6.02019-01-09
CVE-2018-6096 [MEDIUM] CWE-20 CVE-2018-6096: A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
nvd