Enterprise_linux_server - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_server
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/kyz/libmspack

• https://github.com/LibRaw/LibRaw
• https://github.com/rubygems/rubygems
• https://github.com/madler/zlib
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/fedora-selinux/setroubleshoot
• https://github.com/mdadams/jasper
• https://github.com/ntp-project/ntp
• https://github.com/neomutt/neomutt
• https://github.com/mm2/Little-CMS
• https://github.com/openbsd/src
• https://github.com/abrt/abrt
• https://github.com/mysql/mysql-server
• https://github.com/golang/go
• git://git.openssl.org/openssl.git
• https://github.com/dajobe/raptor
• https://github.com/Katello/katello
• https://github.com/opencontainers/runc
• https://github.com/openstack/swift
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/SELinuxProject/selinux
• https://github.com/ClusterLabs/pacemaker
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/jpirko/libndp
• https://github.com/candlepin/subscription-manager
• https://github.com/dogtagpki/pki
• https://github.com/szukw000/openjpeg
• https://github.com/rpm-software-management/yum-utils
• https://github.com/sosreport/sos-collector
• https://github.com/requests/requests
• https://github.com/glennrp/libpng
• https://github.com/paramiko/paramiko
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/karelzak/util-linux
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/libguestfs/hivex
• https://github.com/vadz/libtiff
• https://github.com/jquery/jquery-ui

#Vulnerabilities

1891

Date	Id	Summary	Products	Score	Patch	Annotated
2018-12-20	CVE-2018-1000878	libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.	Ubuntu_linux, Debian_linux, Fedora, Libarchive, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2018-12-20	CVE-2018-19134	In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.	Ghostscript, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	7.8
2019-01-03	CVE-2018-20662	In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.	Ubuntu_linux, Debian_linux, Fedora, Poppler, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation	6.5
2019-01-09	CVE-2016-9651	A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.	Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2019-01-09	CVE-2018-16065	A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.	Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2019-01-09	CVE-2018-16066	A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	6.5
2019-01-09	CVE-2018-16067	A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	6.5
2019-01-09	CVE-2018-16068	Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.	Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	9.6
2019-01-09	CVE-2018-16071	A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.	Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2019-01-09	CVE-2018-16076	Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.	Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8