Redhat Linux Workstation vulnerabilities
44 known vulnerabilities affecting redhat/linux_workstation.
Total CVEs
44
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH23MEDIUM20
Vulnerabilities
Page 2 of 3
CVE-2018-6099MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6099 [MEDIUM] CWE-200 CVE-2018-6099: A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to
A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
nvd
CVE-2018-6116MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6116 [MEDIUM] CWE-476 CVE-2018-6116: A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attack
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
nvd
CVE-2018-6095MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6095 [MEDIUM] CWE-200 CVE-2018-6095: Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.33
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.
nvd
CVE-2018-6105MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6105 [MEDIUM] CVE-2018-6105: Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allow
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-6103MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6103 [MEDIUM] CVE-2018-6103: A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote att
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.
nvd
CVE-2018-6104MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6104 [MEDIUM] CVE-2018-6104: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-6102MEDIUMCVSS 4.3v6.02018-12-04
CVE-2018-6102 [MEDIUM] CWE-20 CVE-2018-6102: Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowe
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
nvd
CVE-2018-6108MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6108 [MEDIUM] CVE-2018-6108: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.
nvd
CVE-2018-6089MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6089 [MEDIUM] CWE-20 CVE-2018-6089: A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in
A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
nvd
CVE-2018-6107MEDIUMCVSS 6.5v6.02018-12-04
CVE-2018-6107 [MEDIUM] CVE-2018-6107: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
nvd
CVE-2018-17462CRITICALCVSS 9.6v6.02018-11-14
CVE-2018-17462 [CRITICAL] CWE-416 CVE-2018-17462: Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker t
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
nvd
CVE-2018-6074HIGHCVSS 8.8v6.02018-11-14
CVE-2018-6074 [HIGH] CWE-20 CVE-2018-6074: Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remo
Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page.
nvd
CVE-2018-6072HIGHCVSS 8.8v6.02018-11-14
CVE-2018-6072 [HIGH] CWE-190 CVE-2018-6072: An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allo
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
nvd
CVE-2018-6071HIGHCVSS 8.8v6.02018-11-14
CVE-2018-6071 [HIGH] CWE-125 CVE-2018-6071: An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to per
An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
nvd
CVE-2018-6073HIGHCVSS 8.8v6.02018-11-14
CVE-2018-6073 [HIGH] CWE-787 CVE-2018-6073: A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to
A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
nvd
CVE-2018-17469HIGHCVSS 8.8v6.02018-11-14
CVE-2018-17469 [HIGH] CWE-125 CVE-2018-17469: Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a r
Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
nvd
CVE-2018-17464MEDIUMCVSS 4.3v6.02018-11-14
CVE-2018-17464 [MEDIUM] CVE-2018-17464: Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
nvd
CVE-2018-6075MEDIUMCVSS 6.5v6.02018-11-14
CVE-2018-6075 [MEDIUM] CWE-200 CVE-2018-6075: Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction.
nvd
CVE-2018-6076MEDIUMCVSS 6.1v6.02018-11-14
CVE-2018-6076 [MEDIUM] CWE-79 CVE-2018-6076: Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 a
Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page.
nvd
CVE-2018-6066MEDIUMCVSS 6.5v6.02018-11-14
CVE-2018-6066 [MEDIUM] CWE-200 CVE-2018-6066: Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325
Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd