Oracle

Linux

225 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-7691

  • EPSS 6.22%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to a...

7.5

CVE-2015-7692

  • EPSS 6.32%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5

CVE-2015-7701

  • EPSS 7.8%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

6.5

CVE-2015-7702

  • EPSS 1.42%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

5.9

CVE-2015-7852

  • EPSS 3.54%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

7.5

CVE-2015-7703

  • EPSS 4.95%
  • Published 24.07.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and w...

7.5

CVE-2015-5219

  • EPSS 4.21%
  • Published 21.07.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

9.8

CVE-2016-1908

  • EPSS 2.54%
  • Published 11.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding...

6.5

CVE-2015-8896

  • EPSS 0.23%
  • Published 15.03.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.

5.3

CVE-2016-2518

  • EPSS 1.47%
  • Published 30.01.2017 21:59:01
  • Last modified 20.04.2025 01:37:25

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.