U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
There are 1,013 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2019-17017

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Published: January 08, 2020; 5:15:12 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-17016

When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Published: January 08, 2020; 5:15:12 PM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-1311

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.

Published: December 18, 2019; 3:15:15 PM -0500
V3.1: 8.1 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8816

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8815

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8814

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:43 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8689

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:34 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8688

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:34 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8684

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:34 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8676

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:33 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8672

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:32 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8669

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:32 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8544

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:25 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8536

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:24 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8535

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:24 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8506

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:22 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: December 10, 2019; 5:15:13 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Published: December 06, 2019; 11:15:11 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

Published: November 27, 2019; 8:15:10 AM -0500
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-11135

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

Published: November 14, 2019; 2:15:13 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 2.1 LOW