Suse Manager
18 CVEs affecting Suse Manager. Latest disclosed: 2017-07-21. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-1286 | High | 8.6 | 2016-03-09 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via… |
CVE-2015-5300 | High | 7.5 | 2017-07-21 | The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, whi… |
CVE-2015-5219 | High | 7.5 | 2017-07-21 | The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attac… |
CVE-2015-5194 | High | 7.5 | 2017-07-21 | The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted lo… |
CVE-2016-4954 | High | 7.5 | 2016-07-05 | The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification)… |
CVE-2016-4953 | High | 7.5 | 2016-07-05 | ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK pack… |
CVE-2016-1285 | Medium | 6.8 | 2016-03-09 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote… |
CVE-2016-0264 | Medium | 5.6 | 2016-05-24 | Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before… |
CVE-2015-7976 | Medium | 4.3 | 2017-01-30 | The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attac… |
CVE-2017-7995 | Low | 3.8 | 2017-05-03 | Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to inform… |
CVE-2015-2808 | Low | 3.7 | 2015-04-01 | The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which make… |
CVE-2014-8162 | | 2015-05-14 | XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files… | |
CVE-2014-7812 | | 2015-01-15 | Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary we… | |
CVE-2014-7811 | | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject ar… | |
CVE-2014-3654 | | 2014-11-03 | Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers… | |
CVE-2014-3595 | | 2014-09-22 | Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows re… | |
CVE-2013-4415 | | 2014-02-14 | Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script… | |
CVE-2013-4480 | | 2013-11-18 | Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to cr… |