Linux Enterprise Server@11.0 Security Vulnerabilities and Issues — Linux Enterprise Server@11.0 CVE List

Lucene search

SuseLinux Enterprise Server11.0

10 matches found

CVE•added 2015/05/21 12:59 a.m.•1130 views

CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then ...

4.3CVSS4.8AI score0.94027EPSS

CVE•added 2016/02/18 9:59 p.m.•255 views

CVE-2015-7547

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a...

8.1CVSS8.4AI score0.93421EPSS

CVE•added 2015/03/30 10:59 a.m.•147 views

CVE-2013-6501

The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_...

4.6CVSS7AI score0.00063EPSS

CVE•added 2016/04/19 9:59 p.m.•119 views

CVE-2014-9761

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.

9.8CVSS9AI score0.03538EPSS

CVE•added 2014/11/04 9:55 p.m.•87 views

CVE-2014-0222

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.

7.5CVSS6.5AI score0.00886EPSS

CVE•added 2014/11/04 9:55 p.m.•78 views

CVE-2014-0223

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

4.6CVSS7.2AI score0.00093EPSS

CVE•added 2013/05/13 11:55 p.m.•67 views

CVE-2013-2021

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

4.3CVSS8.6AI score0.09355EPSS

CVE•added 2014/07/17 5:10 a.m.•65 views

CVE-2014-2484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

6.5CVSS5.1AI score0.00634EPSS

CVE•added 2014/07/17 5:10 a.m.•64 views

CVE-2014-4214

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.

3.3CVSS5.1AI score0.01083EPSS

CVE•added 2013/05/13 11:55 p.m.•60 views

CVE-2013-2020

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.

5CVSS8.8AI score0.12071EPSS