Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Desktop
Total 1884 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4143 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4134 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4133 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4144 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4132 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4131 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4146 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2015-7704 6 Citrix, Debian, Mcafee and 3 more 14 Xenserver, Debian Linux, Enterprise Security Manager and 11 more 2021-11-17 5.0 MEDIUM 7.5 HIGH
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
CVE-2004-0081 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2021-11-08 5.0 MEDIUM N/A
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0112 23 4d, Apple, Avaya and 20 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2021-11-08 5.0 MEDIUM N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2021-11-08 5.0 MEDIUM N/A
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2019-10245 2 Eclipse, Redhat 6 Openj9, Enterprise Linux, Enterprise Linux Desktop and 3 more 2021-10-28 5.0 MEDIUM 7.5 HIGH
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.
CVE-2018-5729 4 Debian, Fedoraproject, Mit and 1 more 6 Debian Linux, Fedora, Kerberos 5 and 3 more 2021-10-18 6.5 MEDIUM 4.7 MEDIUM
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
CVE-2020-3757 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2021-09-16 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-6402 7 Apple, Debian, Fedoraproject and 4 more 10 Macos, Debian Linux, Fedora and 7 more 2021-09-16 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
CVE-2016-0264 3 Ibm, Redhat, Suse 13 Java Sdk, Enterprise Linux Desktop, Enterprise Linux Hpc Node Supplementary and 10 more 2021-09-09 6.8 MEDIUM 5.6 MEDIUM
Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2018-4871 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2021-09-08 5.0 MEDIUM 7.5 HIGH
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
CVE-2018-4877 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2021-09-08 10.0 HIGH 9.8 CRITICAL
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.
CVE-2018-6151 6 Apple, Debian, Google and 3 more 9 Macos, Debian Linux, Chrome and 6 more 2021-09-08 6.8 MEDIUM 8.8 HIGH
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
CVE-2017-3114 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2021-09-08 10.0 HIGH 9.8 CRITICAL
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or country- specific functionality. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.