Suse

Linux Enterprise Debuginfo

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2016-2324

  • EPSS 35.46%
  • Veröffentlicht 08.04.2016 14:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

10

CVE-2016-2315

  • EPSS 25.72%
  • Veröffentlicht 08.04.2016 14:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

8.6

CVE-2016-1286

  • EPSS 68.03%
  • Veröffentlicht 09.03.2016 23:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

6.8

CVE-2016-1285

  • EPSS 67.84%
  • Veröffentlicht 09.03.2016 23:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed...

8.1

CVE-2015-7547

  • EPSS 93.42%
  • Veröffentlicht 18.02.2016 21:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrar...

5

CVE-2015-0272

  • EPSS 1.08%
  • Veröffentlicht 17.11.2015 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

6.8

CVE-2015-1781

  • EPSS 7.79%
  • Veröffentlicht 28.09.2015 20:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS respo...

9.3

CVE-2015-5165

  • EPSS 10.86%
  • Veröffentlicht 12.08.2015 14:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

7.2

CVE-2015-5154

  • EPSS 0.2%
  • Veröffentlicht 12.08.2015 14:59:23
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

8.8

CVE-2015-4495

Warnung Exploit
  • EPSS 69.92%
  • Veröffentlicht 08.08.2015 00:59:04
  • Zuletzt bearbeitet 30.07.2025 03:15:45

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript...