Redhat: >> Enterprise Linux Server >> 6.0 Security Vulnerabilities
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
CVSS Score
9.8
EPSS Score
0.161
Published
2017-01-27
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-01-27
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-01-23
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
CVSS Score
8.8
EPSS Score
0.0
Published
2017-01-19
CVE-2016-5198
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.
Known exploited
CVSS Score
8.8
EPSS Score
0.77
Published
2017-01-19
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
CVSS Score
7.5
EPSS Score
0.389
Published
2017-01-13
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.112
Published
2016-11-08
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.081
Published
2016-11-08
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.081
Published
2016-11-08
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.081
Published
2016-11-08