CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1002200 22 Dir. Trav. 2018-07-25 2018-09-18
4.3
None Remote Medium Not required None Partial None
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
2 CVE-2018-1002105 388 2018-12-05 2018-12-25
7.5
None Remote Low Not required Partial Partial Partial
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
3 CVE-2018-1000805 284 2018-10-08 2019-01-08
6.5
None Remote Low Single system Partial Partial Partial
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
4 CVE-2018-1000199 388 Exec Code Mem. Corr. 2018-05-24 2018-06-27
4.9
None Local Low Not required None None Complete
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
5 CVE-2018-1000156 20 Exec Code 2018-04-06 2018-06-28
6.8
None Remote Medium Not required Partial Partial Partial
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.
6 CVE-2018-19409 254 2018-11-21 2018-12-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
7 CVE-2018-19215 125 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
8 CVE-2018-19214 125 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
9 CVE-2018-19208 476 DoS 2018-11-12 2018-12-13
4.3
None Remote Medium Not required None None Partial
In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.
10 CVE-2018-19139 399 2018-11-09 2019-01-03
4.3
None Remote Medium Not required None None Partial
An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
11 CVE-2018-19134 704 Exec Code 2018-12-20 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.
12 CVE-2018-19115 119 Overflow 2018-11-08 2019-01-08
7.5
None Remote Low Not required Partial Partial Partial
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
13 CVE-2018-18751 415 2018-10-29 2018-12-07
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.
14 CVE-2018-18584 787 2018-10-22 2019-01-15
4.3
None Remote Medium Not required None None Partial
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
15 CVE-2018-18438 190 Overflow 2018-10-19 2018-12-04
2.1
None Local Low Not required None None Partial
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
16 CVE-2018-18359 125 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
17 CVE-2018-18358 20 2018-12-11 2019-01-02
2.9
None Local Network Medium Not required None Partial None
Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file.
18 CVE-2018-18357 20 2018-12-11 2018-12-19
4.3
None Remote Medium Not required None Partial None
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
19 CVE-2018-18356 190 Overflow 2018-12-11 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
20 CVE-2018-18355 20 2018-12-11 2018-12-19
4.3
None Remote Medium Not required None Partial None
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
21 CVE-2018-18354 20 2018-12-11 2018-12-20
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page.
22 CVE-2018-18353 18 2018-12-11 2018-12-20
4.3
None Remote Medium Not required None Partial None
Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page.
23 CVE-2018-18352 264 Bypass 2018-12-11 2018-12-20
4.3
None Remote Medium Not required Partial None None
Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page.
24 CVE-2018-18351 20 Bypass 2018-12-11 2018-12-26
4.3
None Remote Medium Not required Partial None None
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.
25 CVE-2018-18350 19 Bypass 2018-12-11 2018-12-26
4.3
None Remote Medium Not required None Partial None
Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.
26 CVE-2018-18349 264 2018-12-11 2019-01-10
4.3
None Remote Medium Not required Partial None None
Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.
27 CVE-2018-18348 20 2018-12-11 2018-12-20
4.3
None Remote Medium Not required None Partial None
Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
28 CVE-2018-18347 20 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page.
29 CVE-2018-18346 20 2018-12-11 2018-12-13
4.3
None Remote Medium Not required None Partial None
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page.
30 CVE-2018-18345 254 Bypass 2018-12-11 2018-12-29
4.3
None Remote Medium Not required Partial None None
Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page.
31 CVE-2018-18344 20 2018-12-11 2019-01-10
4.3
None Remote Medium Not required Partial None None
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension.
32 CVE-2018-18343 416 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
33 CVE-2018-18342 502 Exec Code 2018-12-11 2018-12-21
6.8
None Remote Medium Not required Partial Partial Partial
Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
34 CVE-2018-18341 190 Overflow 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
35 CVE-2018-18340 119 Overflow 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
36 CVE-2018-18339 119 Overflow 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
37 CVE-2018-18338 119 Overflow 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
38 CVE-2018-18337 416 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
39 CVE-2018-18336 416 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
40 CVE-2018-18335 119 Overflow 2018-12-11 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
41 CVE-2018-17962 119 Overflow 2018-10-09 2018-12-01
5.0
None Remote Low Not required None None Partial
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
42 CVE-2018-17481 416 2018-12-11 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
43 CVE-2018-17480 787 Exec Code 2018-12-11 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
44 CVE-2018-17477 20 2018-11-14 2018-12-21
4.3
None Remote Medium Not required None Partial None
Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.
45 CVE-2018-17476 20 2018-11-14 2018-12-21
4.3
None Remote Medium Not required None Partial None
Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
46 CVE-2018-17475 20 2018-11-14 2018-12-19
4.3
None Remote Medium Not required None Partial None
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
47 CVE-2018-17474 416 2018-11-14 2018-12-21
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
48 CVE-2018-17473 20 2018-11-14 2018-12-18
4.3
None Remote Medium Not required None Partial None
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
49 CVE-2018-17472 19 2018-11-14 2018-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page.
50 CVE-2018-17471 20 2018-11-14 2018-12-21
4.3
None Remote Medium Not required None Partial None
Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
Total number of vulnerabilities : 2343   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.