Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server Tus
Total 716 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-1836 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2019-03-25 4.3 MEDIUM 5.5 MEDIUM
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.
CVE-2016-1834 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2019-03-25 9.3 HIGH 7.8 HIGH
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2016-1833 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2019-03-25 4.3 MEDIUM 5.5 MEDIUM
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
CVE-2017-5208 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2019-03-20 6.8 MEDIUM 8.8 HIGH
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
CVE-2017-5204 3 Debian, Redhat, Tcpdump 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2019-03-19 7.5 HIGH 9.8 CRITICAL
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
CVE-2017-5202 3 Debian, Redhat, Tcpdump 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2019-03-19 7.5 HIGH 9.8 CRITICAL
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5205 3 Debian, Redhat, Tcpdump 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2019-03-19 7.5 HIGH 9.8 CRITICAL
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5203 3 Debian, Redhat, Tcpdump 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2019-03-19 7.5 HIGH 9.8 CRITICAL
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2018-5184 4 Canonical, Debian, Mozilla and 1 more 11 Ubuntu Linux, Debian Linux, Thunderbird and 8 more 2019-03-13 5.0 MEDIUM 7.5 HIGH
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVE-2018-5158 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2019-03-13 6.8 MEDIUM 8.8 HIGH
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
CVE-2018-5157 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2019-03-13 5.0 MEDIUM 7.5 HIGH
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
CVE-2018-5150 4 Canonical, Debian, Mozilla and 1 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2019-03-13 7.5 HIGH 9.8 CRITICAL
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVE-2018-5145 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Firefox Esr and 7 more 2019-03-13 7.5 HIGH 9.8 CRITICAL
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
CVE-2018-5170 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Thunderbird and 7 more 2019-03-13 4.3 MEDIUM 4.3 MEDIUM
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVE-2018-5161 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Thunderbird and 7 more 2019-03-13 4.3 MEDIUM 4.3 MEDIUM
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVE-2018-5183 4 Canonical, Debian, Mozilla and 1 more 11 Ubuntu Linux, Debian Linux, Firefox Esr and 8 more 2019-03-13 7.5 HIGH 9.8 CRITICAL
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
CVE-2017-6009 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2019-03-12 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool.
CVE-2017-6010 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2019-03-12 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.
CVE-2017-6011 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2019-03-12 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.
CVE-2017-9776 3 Debian, Freedesktop, Redhat 8 Debian Linux, Poppler, Enterprise Linux Desktop and 5 more 2019-03-12 6.8 MEDIUM 7.8 HIGH
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.