NotCVE - vendor:"Redhat" product:"Enterprise Linux Aus" version:"7.5"

Page 28 of 521 results (0.020 seconds)

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

CVE-2018-5095 – Mozilla: Integer overflow in Skia library during edge builder allocation (MFSA 2018-03)

https://notcve.org/view.php?id=CVE-2018-5095

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Una vulnerabilidad de desbordamiento de enteros en la librería Skia cuando se asigna memoria para los "edge builders" en determinados sistemas con al menos 8 GB de RAM. Esto resulta en el uso de memoria no inicializada, resultando en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/102783 http://www.securitytracker.com/id/1040270 https://access.redhat.com/errata/RHSA-2018:0122 https://access.redhat.com/errata/RHSA-2018:0262 https://bugzilla.mozilla.org/show_bug.cgi?id=1418447 https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html https://usn.ubuntu.com/3544-1 https://www.debian.org/security/2018/dsa-4096 https://www.debian.org/securi • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-908: Use of Uninitialized Resource •

CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2018-5102 – Mozilla: Use-after-free in HTML media elements (MFSA 2018-03)

https://notcve.org/view.php?id=CVE-2018-5102

A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando se manipulan elementos HTML media con media streams, resultando en un cierre inesperado potencialmente explotable. Esta vulnerabilidad afecta a las versiones anteriores a la 52.6 de Thunderbird, las versiones anteriores a la 52.6 de Firefox ESR y las versiones anteriores a la 58 de Firefox. • http://www.securityfocus.com/bid/102783 http://www.securitytracker.com/id/1040270 https://access.redhat.com/errata/RHSA-2018:0122 https://access.redhat.com/errata/RHSA-2018:0262 https://bugzilla.mozilla.org/show_bug.cgi?id=1419363 https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html https://usn.ubuntu.com/3544-1 https://www.debian.org/security/2018/dsa-4096 https://www.debian.org/securi • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2018-5097 – Mozilla: Use-after-free when source document is manipulated during XSLT (MFSA 2018-03)

https://notcve.org/view.php?id=CVE-2018-5097

A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada durante las transformaciones XSL cuando el documento de origen para la transformación se manipula con scripts durante la transformación. Esto resulta en un cierre inesperado explotable. • http://www.securityfocus.com/bid/102783 http://www.securitytracker.com/id/1040270 https://access.redhat.com/errata/RHSA-2018:0122 https://access.redhat.com/errata/RHSA-2018:0262 https://bugzilla.mozilla.org/show_bug.cgi?id=1387427 https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html https://usn.ubuntu.com/3544-1 https://www.debian.org/security/2018/dsa-4096 https://www.debian.org/securi • CWE-416: Use After Free •

CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 1

CVE-2018-5950 – mailman: Cross-site scripting (XSS) vulnerability in web UI

https://notcve.org/view.php?id=CVE-2018-5950

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. Vulnerabilidad de Cross-Site Scripting (XSS) en la interfaz de usuario web en Mailman en versiones anteriores a la 2.1.26 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante una URL user-options. A cross-site scripting (XSS) flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, can execute arbitrary web scripts on the user's side and force the victim to perform unintended actions. Mailman versions 1.x up through 2.1.23 suffer from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/159761/Mailman-2.1.23-Cross-Site-Scripting.html http://www.securityfocus.com/bid/104594 https://access.redhat.com/errata/RHSA-2018:0504 https://access.redhat.com/errata/RHSA-2018:0505 https://bugs.launchpad.net/mailman/+bug/1747209 https://lists.debian.org/debian-lts-announce/2018/02/msg00007.html https://usn.ubuntu.com/3563-1 https://www.debian.org/security/2018/dsa-4108 https://www.mail-archive.com/mailman-users%40python.org/msg70375. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 0%CPEs: 30EXPL: 0

CVE-2018-2622 – mysql: Server: DDL unspecified vulnerability (CPU Jan 2018)

https://notcve.org/view.php?id=CVE-2018-2622

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102706 http://www.securitytracker.com/id/1040216 https://access.redhat.com/errata/RHSA-2018:0586 https://access.redhat.com/errata/RHSA-2018:0587 https://access.redhat.com/errata/RHSA-2018:2439 https://access.redhat.com/errata/RHSA-2018:2729 https://access.redhat.com/errata/RHSA-2019:1258 https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html https://lists. •

1...26 27 28 29 30