Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NovellSuse Linux Enterprise Server12.0

70 matches found

CVE
CVEadded 2016/06/13 10:59 a.m.100 views

CVE-2016-2818

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

8.8CVSS9.3AI score0.00499EPSS
CVE
CVEadded 2015/07/06 2:1 a.m.98 views

CVE-2015-2740

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.

10CVSS5AI score0.04143EPSS
CVE
CVEadded 2015/07/06 2:1 a.m.97 views

CVE-2015-2735

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

9.3CVSS4.4AI score0.0272EPSS
CVE
CVEadded 2015/01/21 6:59 p.m.96 views

CVE-2015-0400

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

5CVSS3.2AI score0.01241EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.96 views

CVE-2015-8920

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

5.5CVSS5.8AI score0.00495EPSS
CVE
CVEadded 2015/07/06 2:1 a.m.92 views

CVE-2015-2733

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.

10CVSS5.1AI score0.02691EPSS
CVE
CVEadded 2015/07/06 2:1 a.m.92 views

CVE-2015-2736

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

9.3CVSS4.4AI score0.0272EPSS
CVE
CVEadded 2016/04/27 5:59 p.m.92 views

CVE-2016-3139

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS5.7AI score0.00164EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.91 views

CVE-2015-8921

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

7.5CVSS7AI score0.0366EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.89 views

CVE-2015-8922

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.

5.5CVSS6.1AI score0.00368EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.86 views

CVE-2015-8919

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

7.5CVSS7.3AI score0.0637EPSS
CVE
CVEadded 2016/06/03 2:59 p.m.85 views

CVE-2016-0376

The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController...

8.1CVSS7.2AI score0.01931EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.82 views

CVE-2015-8923

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

6.5CVSS6.7AI score0.02186EPSS
CVE
CVEadded 2016/10/13 2:59 p.m.77 views

CVE-2016-7796

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

5.5CVSS5.2AI score0.00385EPSS
CVE
CVEadded 2015/07/06 2:0 a.m.73 views

CVE-2015-2726

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS5.8AI score0.01528EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.70 views

CVE-2015-8918

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

7.5CVSS7AI score0.02038EPSS
CVE
CVEadded 2015/05/14 10:59 a.m.65 views

CVE-2015-2709

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

7.5CVSS9.7AI score0.00874EPSS
CVE
CVEadded 2017/06/06 6:29 p.m.63 views

CVE-2016-9961

game-music-emu before 0.6.1 mishandles unspecified integer values.

10CVSS9.3AI score0.02847EPSS
CVE
CVEadded 2017/06/06 6:29 p.m.61 views

CVE-2016-9960

game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

5.5CVSS6.5AI score0.00102EPSS
CVE
CVEadded 2017/09/08 6:29 p.m.41 views

CVE-2016-5759

The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.

7.8CVSS7.4AI score0.00029EPSS
Total number of security vulnerabilities70