Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server Supplementary
Total 85 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0358 7 Adobe, Apple, Linux and 4 more 11 Flash Player, Mac Os X, Linux Kernel and 8 more 2025-04-12 10.0 HIGH N/A
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-3039.
CVE-2014-3198 2 Google, Redhat 5 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 2 more 2025-04-12 5.0 MEDIUM N/A
The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2015-1250 4 Canonical, Debian, Google and 1 more 7 Ubuntu Linux, Debian Linux, Chrome and 4 more 2025-04-12 7.5 HIGH N/A
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-1288 4 Debian, Google, Opensuse and 1 more 7 Debian Linux, Chrome, Opensuse and 4 more 2025-04-12 6.8 MEDIUM N/A
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263.
CVE-2015-0352 7 Adobe, Apple, Linux and 4 more 11 Flash Player, Mac Os X, Linux Kernel and 8 more 2025-04-12 10.0 HIGH N/A
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
CVE-2015-3040 7 Adobe, Apple, Linux and 4 more 11 Flash Player, Mac Os X, Linux Kernel and 8 more 2025-04-12 5.0 MEDIUM N/A
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357.
CVE-2014-3193 2 Google, Redhat 5 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 2 more 2025-04-12 7.5 HIGH N/A
The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing.
CVE-2015-1243 4 Canonical, Debian, Google and 1 more 7 Ubuntu Linux, Debian Linux, Chrome and 4 more 2025-04-12 7.5 HIGH N/A
Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered.
CVE-2015-1219 3 Canonical, Google, Redhat 6 Ubuntu Linux, Chrome, Enterprise Linux Desktop Supplementary and 3 more 2025-04-12 7.5 HIGH N/A
Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering.
CVE-2015-3038 7 Adobe, Apple, Linux and 4 more 11 Flash Player, Mac Os X, Linux Kernel and 8 more 2025-04-12 10.0 HIGH N/A
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
CVE-2015-3042 7 Adobe, Apple, Linux and 4 more 11 Flash Player, Mac Os X, Linux Kernel and 8 more 2025-04-12 10.0 HIGH N/A
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043.
CVE-2014-7939 4 Chromium, Google, Opensuse and 1 more 7 Chromium, Chrome, Opensuse and 4 more 2025-04-12 4.3 MEDIUM N/A
Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header.
CVE-2014-7942 5 Canonical, Chromium, Google and 2 more 8 Ubuntu Linux, Chromium, Chrome and 5 more 2025-04-12 7.5 HIGH N/A
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2016-1662 3 Google, Opensuse, Redhat 6 Chrome, Opensuse, Enterprise Linux Desktop Supplementary and 3 more 2025-04-12 10.0 HIGH 9.8 CRITICAL
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
CVE-2015-1285 4 Debian, Google, Opensuse and 1 more 7 Debian Linux, Chrome, Opensuse and 4 more 2025-04-12 5.0 MEDIUM N/A
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack.
CVE-2015-1273 4 Debian, Google, Opensuse and 1 more 7 Debian Linux, Chrome, Opensuse and 4 more 2025-04-12 6.8 MEDIUM N/A
Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document.
CVE-2015-1277 4 Debian, Google, Opensuse and 1 more 7 Debian Linux, Chrome, Opensuse and 4 more 2025-04-12 7.5 HIGH N/A
Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures.
CVE-2015-1230 3 Canonical, Google, Redhat 6 Ubuntu Linux, Chrome, Enterprise Linux Desktop Supplementary and 3 more 2025-04-12 7.5 HIGH N/A
The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion."
CVE-2016-1665 3 Google, Opensuse, Redhat 6 Chrome, Opensuse, Enterprise Linux Desktop Supplementary and 3 more 2025-04-12 4.3 MEDIUM 6.5 MEDIUM
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.
CVE-2014-3194 2 Google, Redhat 5 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 2 more 2025-04-12 7.5 HIGH N/A
Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.