Linux Enterprise Debuginfo Security Vulnerabilities and Issues — Linux Enterprise Debuginfo CVE List

Lucene search

SuseLinux Enterprise Debuginfo

10 matches found

CVE•added 2009/12/15 2:30 a.m.•957 views

CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild i...

9.3CVSS7.2AI score0.93381EPSS

CVE•added 2017/10/04 1:29 a.m.•577 views

CVE-2017-14491

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

9.8CVSS9.1AI score0.52378EPSS

CVE•added 2016/05/26 4:59 p.m.•309 views

CVE-2016-0718

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

9.8CVSS8.7AI score0.01504EPSS

CVE•added 2016/08/07 10:59 a.m.•217 views

CVE-2016-5772

Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mi...

9.8CVSS8.4AI score0.19808EPSS

CVE•added 2016/04/19 9:59 p.m.•121 views

CVE-2015-8776

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

9.1CVSS8.5AI score0.06886EPSS

CVE•added 2016/04/19 9:59 p.m.•119 views

CVE-2014-9761

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.

9.8CVSS9AI score0.03538EPSS

CVE•added 2016/04/19 9:59 p.m.•117 views

CVE-2015-8778

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

9.8CVSS9.1AI score0.08413EPSS

CVE•added 2016/04/19 9:59 p.m.•116 views

CVE-2015-8779

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

9.8CVSS9.2AI score0.06371EPSS

CVE•added 2015/08/12 2:59 p.m.•108 views

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

9.3CVSS6.5AI score0.12372EPSS

CVE•added 2008/11/13 11:30 a.m.•83 views

CVE-2008-5021

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is stil...

9.3CVSS10AI score0.16195EPSS