Suse

Manager

19 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2019-3684

Exploit
  • EPSS 0.17%
  • Published 13.05.2019 15:29:03
  • Last modified 21.11.2024 04:42:19

SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have btrfs as filesystem

3.8

CVE-2017-7995

  • EPSS 0.1%
  • Published 03.05.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project...

4.3

CVE-2015-7976

  • EPSS 2.73%
  • Published 30.01.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

7.5

CVE-2016-4954

  • EPSS 2.18%
  • Published 05.07.2016 01:59:01
  • Last modified 12.04.2025 10:46:40

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstr...

7.5

CVE-2016-4953

  • EPSS 12.64%
  • Published 05.07.2016 01:59:00
  • Last modified 12.04.2025 10:46:40

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

6.8

CVE-2016-0264

  • EPSS 9.84%
  • Published 24.05.2016 15:59:00
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows re...

5.5

CVE-2016-3718

Warning
  • EPSS 79.25%
  • Published 05.05.2016 18:59:08
  • Last modified 12.04.2025 10:46:40

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

5.8

CVE-2016-3715

Warning Exploit
  • EPSS 79.8%
  • Published 05.05.2016 18:59:04
  • Last modified 12.04.2025 10:46:40

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

10

CVE-2016-3427

Warning
  • EPSS 93.75%
  • Published 21.04.2016 11:00:21
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

8.6

CVE-2016-1286

  • EPSS 68.03%
  • Published 09.03.2016 23:59:03
  • Last modified 12.04.2025 10:46:40

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.