Linux Enterprise Debuginfo Security Vulnerabilities and Issues — Linux Enterprise Debuginfo CVE List

Lucene search

SuseLinux Enterprise Debuginfo

12 matches found

CVE•added 2016/04/27 5:59 p.m.•126 views

CVE-2016-2782

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) in...

4.9CVSS6.1AI score0.00473EPSS

CVE•added 2016/04/19 9:59 p.m.•121 views

CVE-2015-8776

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

9.1CVSS8.5AI score0.0538EPSS

CVE•added 2016/04/19 9:59 p.m.•120 views

CVE-2014-9761

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.

9.8CVSS9AI score0.02444EPSS

CVE•added 2016/04/21 10:59 a.m.•120 views

CVE-2016-0642

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

4.7CVSS4.2AI score0.00463EPSS

CVE•added 2016/04/19 9:59 p.m.•117 views

CVE-2015-8778

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

9.8CVSS9.1AI score0.06604EPSS

CVE•added 2016/04/19 9:59 p.m.•116 views

CVE-2015-8779

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

9.8CVSS9.2AI score0.04971EPSS

CVE•added 2016/04/21 10:59 a.m.•105 views

CVE-2016-0651

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

5.5CVSS4.6AI score0.0031EPSS

CVE•added 2016/04/08 2:59 p.m.•92 views

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

10CVSS9.6AI score0.2572EPSS

CVE•added 2016/04/08 2:59 p.m.•88 views

CVE-2016-2324

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

10CVSS9.7AI score0.30653EPSS

CVE•added 2016/04/13 4:59 p.m.•76 views

CVE-2016-3068

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

8.8CVSS8.7AI score0.02848EPSS

CVE•added 2016/04/13 4:59 p.m.•75 views

CVE-2016-3069

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.

8.8CVSS8.7AI score0.0221EPSS

CVE•added 2016/04/13 4:59 p.m.•71 views

CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.

8.8CVSS8.7AI score0.05192EPSS