Novell

Suse Linux Enterprise Server

91 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2015-8923

  • EPSS 2.62%
  • Veröffentlicht 20.09.2016 14:15:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

5.5

CVE-2015-8922

  • EPSS 0.39%
  • Veröffentlicht 20.09.2016 14:15:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.

7.5

CVE-2015-8921

  • EPSS 4.37%
  • Veröffentlicht 20.09.2016 14:15:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

5.5

CVE-2015-8920

  • EPSS 0.48%
  • Veröffentlicht 20.09.2016 14:15:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

7.5

CVE-2015-8919

  • EPSS 7.55%
  • Veröffentlicht 20.09.2016 14:15:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

7.5

CVE-2015-8918

  • EPSS 2.57%
  • Veröffentlicht 20.09.2016 14:15:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

7.8

CVE-2016-4997

Exploit
  • EPSS 5.22%
  • Veröffentlicht 03.07.2016 21:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-contai...

7.8

CVE-2016-1583

Exploit
  • EPSS 0.25%
  • Veröffentlicht 27.06.2016 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames...

9.3

CVE-2016-2834

  • EPSS 1.55%
  • Veröffentlicht 13.06.2016 10:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

8.8

CVE-2016-2818

  • EPSS 0.59%
  • Veröffentlicht 13.06.2016 10:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...