Redhat Enterprise Linux Workstation vulnerabilities

CVE-2019-8669 [HIGH] CWE-787 CVE-2019-8669: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8672 [HIGH] CWE-787 CVE-2019-8672: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8814 [HIGH] CWE-787 CVE-2019-8814: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2018-1311 [HIGH] CWE-416 CVE-2018-1311: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the s The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using

CVE-2019-8535 [HIGH] CWE-787 CVE-2019-8535: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8676 [HIGH] CWE-787 CVE-2019-8676: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8684 [HIGH] CWE-787 CVE-2019-8684: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-13725 [HIGH] CWE-416 CVE-2019-13725: Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to exec Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

CVE-2019-13730 [HIGH] CWE-787 CVE-2019-13730: Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to pot Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-13734 [HIGH] CWE-787 CVE-2019-13734: Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to po Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-13736 [HIGH] CWE-190 CVE-2019-13736: Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to poten Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

CVE-2019-13735 [HIGH] CWE-787 CVE-2019-13735: Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker t Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2019-13747 [HIGH] CWE-787 CVE-2019-13747: Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote a Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-13741 [HIGH] CWE-79 CVE-2019-13741: Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.

CVE-2019-13727 [HIGH] CWE-281 CVE-2019-13727: Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remot Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

CVE-2019-13764 [HIGH] CWE-843 CVE-2019-13764: Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to pot Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-13732 [HIGH] CWE-416 CVE-2019-13732: Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to poten Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-13726 [HIGH] CWE-119 CVE-2019-13726: Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

CVE-2019-13729 [HIGH] CWE-416 CVE-2019-13729: Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to pot Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-13728 [HIGH] CWE-787 CVE-2019-13728: Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker t Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.