Suse Linux_enterprise_software_development_kit
268 CVEs affecting Suse Linux_enterprise_software_development_kit. Latest disclosed: 2017-07-21. Critical: 16, High: 20.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-4473 | Critical | 9.8 | 2017-06-08 | /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-68… |
CVE-2014-9852 | Critical | 9.8 | 2017-03-17 | distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vect… |
CVE-2016-5772 | Critical | 9.8 | 2016-08-07 | Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8… |
CVE-2016-5118 | Critical | 9.8 | 2016-06-10 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at t… |
CVE-2016-0718 | Critical | 9.8 | 2016-05-26 | Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers… |
CVE-2016-1601 | Critical | 9.8 | 2016-04-26 | yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation… |
CVE-2015-8779 | Critical | 9.8 | 2016-04-19 | Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial… |
CVE-2015-8778 | Critical | 9.8 | 2016-04-19 | Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or p… |
CVE-2014-9761 | Critical | 9.8 | 2016-04-19 | Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (app… |
CVE-2016-2324 | Critical | 9.8 | 2016-04-08 | Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-… |
CVE-2016-2315 | Critical | 9.8 | 2016-04-08 | revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many… |
CVE-2015-0192 | Critical | 9.8 | 2015-07-02 | Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows… |
CVE-2014-2323 | Critical | 9.8 | 2014-03-14 | SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related… |
CVE-2015-8866 | Critical | 9.6 | 2016-05-22 | ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes i… |
CVE-2015-5041 | Critical | 9.1 | 2016-06-06 | The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to… |
CVE-2015-8776 | Critical | 9.1 | 2016-04-19 | The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash)… |
CVE-2016-3630 | High | 8.8 | 2016-04-13 | The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to… |
CVE-2016-3069 | High | 8.8 | 2016-04-13 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. |
CVE-2016-3068 | High | 8.8 | 2016-04-13 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. |
CVE-2010-2753 | High | 8.8 | 2010-07-30 | Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0… |