Suse Linux Enterprise Software Development Kit Security Vulnerabilities and Issues — Suse Linux Enterprise Software Development Kit CVE List

Lucene search

NovellSuse Linux Enterprise Software Development Kit

5 matches found

CVE•added 2016/04/27 5:59 p.m.•145 views

CVE-2016-2847

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

6.2CVSS6.3AI score0.00073EPSS

CVE•added 2016/05/23 10:59 a.m.•143 views

CVE-2016-4482

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

6.2CVSS6AI score0.00044EPSS

CVE•added 2015/05/14 10:59 a.m.•94 views

CVE-2015-2713

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunct...

6.8CVSS9.4AI score0.01774EPSS

CVE•added 2015/05/14 10:59 a.m.•82 views

CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.

6.8CVSS9.6AI score0.02581EPSS

CVE•added 2016/09/20 2:15 p.m.•78 views

CVE-2015-8923

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

6.5CVSS6.7AI score0.02186EPSS