Oracle

Linux

228 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-1908

  • EPSS 2.37%
  • Veröffentlicht 11.04.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding...

6.5

CVE-2015-8896

  • EPSS 0.55%
  • Veröffentlicht 15.03.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.

5.3

CVE-2016-2518

  • EPSS 3.48%
  • Veröffentlicht 30.01.2017 21:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

5.9

CVE-2015-7977

  • EPSS 16.35%
  • Veröffentlicht 30.01.2017 21:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

7.8

CVE-2016-7039

  • EPSS 1.21%
  • Veröffentlicht 16.10.2016 21:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated b...

7.8

CVE-2016-2776

  • EPSS 88.39%
  • Veröffentlicht 28.09.2016 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted ...

5.5

CVE-2016-7166

  • EPSS 0.36%
  • Veröffentlicht 21.09.2016 14:25:29
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.

8.6

CVE-2016-6250

  • EPSS 1.71%
  • Veröffentlicht 21.09.2016 14:25:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, wh...

6.5

CVE-2016-5844

Exploit
  • EPSS 1.48%
  • Veröffentlicht 21.09.2016 14:25:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

7.5

CVE-2016-5418

Exploit
  • EPSS 5.22%
  • Veröffentlicht 21.09.2016 14:25:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.