Redhat » Enterprise Linux Server : Security Vulnerabilities, CVEs, Published In January 2019 (Code Execution)
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.58%
Published
2019-01-09
Updated
2020-08-24
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-01-11
Updated
2023-02-13
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
9.69%
Published
2019-01-09
Updated
2019-01-16
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Max CVSS
8.8
EPSS Score
9.59%
Published
2019-01-09
Updated
2019-01-14
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
Max CVSS
9.3
EPSS Score
1.23%
Published
2019-01-09
Updated
2019-01-16
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
Max CVSS
8.8
EPSS Score
1.51%
Published
2019-01-09
Updated
2019-01-16
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
Max CVSS
8.8
EPSS Score
3.39%
Published
2019-01-09
Updated
2020-08-24
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.49%
Published
2019-01-09
Updated
2019-01-16
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.
Max CVSS
7.8
EPSS Score
0.07%
Published
2019-01-09
Updated
2021-09-08
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.19%
Published
2019-01-09
Updated
2019-01-29
A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
23.56%
Published
2019-01-09
Updated
2019-01-16
11 vulnerabilities found