Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_server
(Redhat)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-10 | CVE-2019-13725 | Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
2019-12-10 | CVE-2019-13749 | Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2019-12-10 | CVE-2019-13750 | Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. | Ubuntu_linux, Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2019-12-10 | CVE-2019-13754 | Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 4.3 | ||
2019-12-10 | CVE-2019-13744 | Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2019-12-10 | CVE-2019-13746 | Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2019-12-10 | CVE-2019-13748 | Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2016-07-19 | CVE-2016-5388 | It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. | Tomcat, System_management_homepage, Linux, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.1 | ||
2016-07-19 | CVE-2016-5385 | It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request. | Debian_linux, Drupal, Fedora, Storeever_msl6480_tape_library_firmware, System_management_homepage, Leap, Communications_user_data_repository, Enterprise_manager_ops_center, Linux, Php, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.1 | ||
2015-12-15 | CVE-2015-7497 | A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. | Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 | N/A |