Red Hat Linux Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Linux Server.
By the Year
In 2025 there have been 0 vulnerabilities in Red Hat Linux Server. Linux Server did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 45 | 7.55 |
It may take a day or so for new Linux Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Linux Server Security Vulnerabilities
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80
CVE-2018-18359
8.8 - High
- December 11, 2018
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Out-of-bounds Read
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98
CVE-2018-17481
8.8 - High
- December 11, 2018
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Memory Corruption
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80
CVE-2018-18336
8.8 - High
- December 11, 2018
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Memory Corruption
Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80
CVE-2018-18337
8.8 - High
- December 11, 2018
Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80
CVE-2018-18338
8.8 - High
- December 11, 2018
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80
CVE-2018-18339
8.8 - High
- December 11, 2018
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80
CVE-2018-18340
8.8 - High
- December 11, 2018
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80
CVE-2018-18341
8.8 - High
- December 11, 2018
An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80
CVE-2018-18343
8.8 - High
- December 11, 2018
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80
CVE-2018-18346
6.5 - Medium
- December 11, 2018
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page.
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80
CVE-2018-18347
8.8 - High
- December 11, 2018
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page.
Improper Input Validation
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117
CVE-2018-6102
4.3 - Medium
- December 04, 2018
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Improper Input Validation
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117
CVE-2018-6116
6.5 - Medium
- December 04, 2018
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
NULL Pointer Dereference
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
CVE-2018-6108
6.5 - Medium
- December 04, 2018
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
CVE-2018-6107
6.5 - Medium
- December 04, 2018
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117
CVE-2018-6105
6.5 - Medium
- December 04, 2018
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
CVE-2018-6104
6.5 - Medium
- December 04, 2018
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117
CVE-2018-6103
6.5 - Medium
- December 04, 2018
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.
A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117
CVE-2018-6101
7.5 - High
- December 04, 2018
A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.
Improper Input Validation
A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117
CVE-2018-6099
6.5 - Medium
- December 04, 2018
A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
Information Disclosure
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117
CVE-2018-6095
6.5 - Medium
- December 04, 2018
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.
Information Disclosure
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117
CVE-2018-6085
8.8 - High
- December 04, 2018
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Dangling pointer
A double-eviction in the Incognito mode cache
CVE-2018-6086
8.8 - High
- December 04, 2018
A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Dangling pointer
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117
CVE-2018-6087
8.8 - High
- December 04, 2018
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Dangling pointer
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117
CVE-2018-6088
8.8 - High
- December 04, 2018
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
Improper Input Validation
A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117
CVE-2018-6089
6.5 - Medium
- December 04, 2018
A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
Improper Input Validation
An integer overflow
CVE-2018-6090
8.8 - High
- December 04, 2018
An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Integer Overflow or Wraparound
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117
CVE-2018-6092
8.8 - High
- December 04, 2018
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Integer Overflow or Wraparound
Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117
CVE-2018-6094
8.8 - High
- December 04, 2018
Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117
CVE-2018-6098
6.5 - Medium
- December 04, 2018
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146
CVE-2018-6069
6.5 - Medium
- November 14, 2018
Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Memory Corruption
An integer overflow in Skia in Google Chrome prior to 65.0.3325.146
CVE-2018-6071
8.8 - High
- November 14, 2018
An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Integer Overflow or Wraparound
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146
CVE-2018-6072
8.8 - High
- November 14, 2018
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Memory Corruption
A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146
CVE-2018-6073
8.8 - High
- November 14, 2018
A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
Memory Corruption
Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146
CVE-2018-6074
8.8 - High
- November 14, 2018
Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page.
Improper Input Validation
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146
CVE-2018-6068
4.3 - Medium
- November 14, 2018
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Improper Input Validation
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146
CVE-2018-6075
6.5 - Medium
- November 14, 2018
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction.
Information Disclosure
Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146
CVE-2018-6076
6.1 - Medium
- November 14, 2018
Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page.
XSS
XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146
CVE-2018-6081
6.1 - Medium
- November 14, 2018
XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page.
XSS
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67
CVE-2018-17473
4.3 - Medium
- November 14, 2018
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67
CVE-2018-17469
8.8 - High
- November 14, 2018
Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
Out-of-bounds Read
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67
CVE-2018-17464
4.3 - Medium
- November 14, 2018
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64
CVE-2018-17463
8.8 - High
- November 14, 2018
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67
CVE-2018-17462
9.6 - Critical
- November 14, 2018
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
Dangling pointer
Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146
CVE-2018-6066
6.5 - Medium
- November 14, 2018
Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Linux Workstation or by Red Hat? Click the Watch button to subscribe.
