Product:

Enterprise_linux_workstation

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/LibRaw/LibRaw
#Vulnerabilities 1345
Date Id Summary Products Score Patch Annotated
2018-03-20 CVE-2018-8088 org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. Goldengate_application_adapters, Goldengate_stream_analytics, Utilities_framework, Slf4j, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Jboss_enterprise_application_platform, Virtualization, Virtualization_host 9.8
2019-02-19 CVE-2019-5773 Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-02-19 CVE-2019-5774 Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 8.8
2019-02-04 CVE-2019-3813 Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. Ubuntu_linux, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Spice 7.5
2019-02-19 CVE-2019-5775 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-02-15 CVE-2019-6974 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. Ubuntu_linux, Debian_linux, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_edge_gateway, Big\-Ip_fraud_protection_service, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Big\-Ip_webaccelerator, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openshift_container_platform 8.1
2019-02-19 CVE-2019-5776 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-02-19 CVE-2019-5777 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-02-19 CVE-2019-5754 Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-02-19 CVE-2019-5781 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5