Suse Linux_enterprise_debuginfo
37 CVEs affecting Suse Linux_enterprise_debuginfo. Latest disclosed: 2017-10-04. Critical: 10, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14491 | Critical | 9.8 | 2017-10-04 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS resp… |
CVE-2016-5772 | Critical | 9.8 | 2016-08-07 | Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8… |
CVE-2016-5118 | Critical | 9.8 | 2016-06-10 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at t… |
CVE-2016-0718 | Critical | 9.8 | 2016-05-26 | Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers… |
CVE-2015-8779 | Critical | 9.8 | 2016-04-19 | Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial… |
CVE-2015-8778 | Critical | 9.8 | 2016-04-19 | Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or p… |
CVE-2014-9761 | Critical | 9.8 | 2016-04-19 | Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (app… |
CVE-2016-2324 | Critical | 9.8 | 2016-04-08 | Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-… |
CVE-2016-2315 | Critical | 9.8 | 2016-04-08 | revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many… |
CVE-2015-8776 | Critical | 9.1 | 2016-04-19 | The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash)… |
CVE-2016-3630 | High | 8.8 | 2016-04-13 | The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to… |
CVE-2016-3069 | High | 8.8 | 2016-04-13 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. |
CVE-2016-3068 | High | 8.8 | 2016-04-13 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. |
CVE-2016-1286 | High | 8.6 | 2016-03-09 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via… |
CVE-2015-7547 | High | 8.1 | 2016-02-18 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2… |
CVE-2015-8567 | High | 7.7 | 2017-04-13 | Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). |
CVE-2015-5300 | High | 7.5 | 2017-07-21 | The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, whi… |
CVE-2015-5219 | High | 7.5 | 2017-07-21 | The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attac… |
CVE-2015-5194 | High | 7.5 | 2017-07-21 | The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted lo… |
CVE-2016-5244 | High | 7.5 | 2016-06-27 | The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attacker… |