Lucene search

K
SuseLinux Enterprise Server

14 matches found

CVE
CVE
added 2018/01/03 6:29 a.m.500 views

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in a...

10CVSS9.5AI score0.38093EPSS
CVE
CVE
added 2018/03/30 9:29 p.m.256 views

CVE-2018-7566

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

7.8CVSS6.9AI score0.00034EPSS
CVE
CVE
added 2018/11/26 3:29 a.m.226 views

CVE-2018-19542

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

6.5CVSS6.5AI score0.01029EPSS
CVE
CVE
added 2018/10/31 4:29 p.m.213 views

CVE-2018-18873

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

5.5CVSS6.1AI score0.00493EPSS
CVE
CVE
added 2018/12/14 2:29 p.m.198 views

CVE-2018-16873

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in...

8.1CVSS8.5AI score0.81278EPSS
CVE
CVE
added 2018/12/14 2:29 p.m.182 views

CVE-2018-16874

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode ...

8.1CVSS8.2AI score0.03463EPSS
CVE
CVE
added 2018/11/26 3:29 a.m.169 views

CVE-2018-19539

An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

6.5CVSS6.5AI score0.01026EPSS
CVE
CVE
added 2018/11/26 3:29 a.m.168 views

CVE-2018-19541

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3,...

8.8CVSS7.2AI score0.01249EPSS
CVE
CVE
added 2018/11/26 3:29 a.m.156 views

CVE-2018-19540

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3,...

8.8CVSS7.4AI score0.00782EPSS
CVE
CVE
added 2018/10/23 2:29 a.m.144 views

CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

6.5CVSS6.6AI score0.02653EPSS
CVE
CVE
added 2018/11/26 3:29 a.m.138 views

CVE-2018-19543

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

7.8CVSS7.4AI score0.00365EPSS
CVE
CVE
added 2018/10/09 10:29 p.m.133 views

CVE-2018-17962

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

7.5CVSS8.5AI score0.00711EPSS
CVE
CVE
added 2018/10/23 2:29 a.m.131 views

CVE-2018-18585

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

4.3CVSS5.3AI score0.00389EPSS
CVE
CVE
added 2018/09/05 5:29 p.m.40 views

CVE-2016-1000030

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from ano...

9.8CVSS9.4AI score0.00808EPSS