Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15457 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14436 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. | ||||
| CVE-2018-14435 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. | ||||
| CVE-2018-14434 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. | ||||
| CVE-2018-14404 | 4 Canonical, Debian, Redhat and 1 more | 6 Ubuntu Linux, Debian Linux, Ansible Tower and 3 more | 2024-11-21 | N/A |
| A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. | ||||
| CVE-2018-14368 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long. | ||||
| CVE-2018-14362 | 5 Canonical, Debian, Mutt and 2 more | 11 Ubuntu Linux, Debian Linux, Mutt and 8 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character. | ||||
| CVE-2018-14357 | 5 Canonical, Debian, Mutt and 2 more | 11 Ubuntu Linux, Debian Linux, Mutt and 8 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription. | ||||
| CVE-2018-14355 | 5 Canonical, Debian, Mutt and 2 more | 5 Ubuntu Linux, Debian Linux, Mutt and 2 more | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name. | ||||
| CVE-2018-14354 | 5 Canonical, Debian, Mutt and 2 more | 11 Ubuntu Linux, Debian Linux, Mutt and 8 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription. | ||||
| CVE-2018-14348 | 4 Debian, Fedoraproject, Libcgroup Project and 1 more | 4 Debian Linux, Fedora, Libcgroup and 1 more | 2024-11-21 | N/A |
| libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. | ||||
| CVE-2018-14341 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. | ||||
| CVE-2018-14340 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. | ||||
| CVE-2018-14338 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow. | ||||
| CVE-2018-14046 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | ||||
| CVE-2018-14042 | 2 Getbootstrap, Redhat | 6 Bootstrap, Enterprise Linux, Jboss Enterprise Application Platform and 3 more | 2024-11-21 | N/A |
| In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | ||||
| CVE-2018-14040 | 3 Debian, Getbootstrap, Redhat | 6 Debian Linux, Bootstrap, Enterprise Linux and 3 more | 2024-11-21 | N/A |
| In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | ||||
| CVE-2018-14036 | 2 Freedesktop, Redhat | 2 Accountsservice, Enterprise Linux | 2024-11-21 | N/A |
| Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. | ||||
| CVE-2018-13988 | 4 Canonical, Debian, Freedesktop and 1 more | 9 Ubuntu Linux, Debian Linux, Poppler and 6 more | 2024-11-21 | N/A |
| Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. | ||||
| CVE-2018-13796 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site. | ||||
| CVE-2018-13440 | 3 Audio File Library Project, Canonical, Redhat | 3 Audio File Library, Ubuntu Linux, Enterprise Linux | 2024-11-21 | N/A |
| The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. | ||||