Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Desktop Supplementary

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8540 4 Debian, Fedoraproject, Libpng and 1 more 7 Debian Linux, Fedora, Libpng and 4 more 2021-06-29 9.3 HIGH 8.8 HIGH
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
CVE-2016-1660 3 Google, Opensuse, Redhat 6 Chrome, Opensuse, Enterprise Linux Desktop Supplementary and 3 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
CVE-2016-1661 3 Google, Opensuse, Redhat 6 Chrome, Opensuse, Enterprise Linux Desktop Supplementary and 3 more 2018-10-30 8.3 HIGH 8.0 HIGH
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp.
CVE-2016-1663 3 Google, Opensuse, Redhat 6 Chrome, Opensuse, Enterprise Linux Desktop Supplementary and 3 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
CVE-2016-0985 7 Adobe, Apple, Google and 4 more 18 Air, Air Sdk, Air Sdk \\\& Compiler and 15 more 2017-09-10 9.3 HIGH 8.8 HIGH
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."