Linux Enterprise Server Security Vulnerabilities and Issues — Linux Enterprise Server CVE List

Lucene search

SuseLinux Enterprise Server

14 matches found

CVE•added 2018/01/03 6:29 a.m.•510 views

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in a...

10CVSS9.5AI score0.38093EPSS

CVE•added 2018/03/30 9:29 p.m.•267 views

CVE-2018-7566

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

7.8CVSS6.9AI score0.00082EPSS

Web

CVE•added 2018/11/26 3:29 a.m.•228 views

CVE-2018-19542

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

6.5CVSS6.5AI score0.01029EPSS

CVE•added 2018/12/14 2:29 p.m.•219 views

CVE-2018-16873

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in...

8.1CVSS8.5AI score0.60127EPSS

CVE•added 2018/10/31 4:29 p.m.•215 views

CVE-2018-18873

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

5.5CVSS6.1AI score0.00483EPSS

CVE•added 2018/12/14 2:29 p.m.•204 views

CVE-2018-16874

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode ...

8.1CVSS8.2AI score0.12882EPSS

CVE•added 2018/11/26 3:29 a.m.•172 views

CVE-2018-19539

An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

6.5CVSS6.5AI score0.01026EPSS

CVE•added 2018/11/26 3:29 a.m.•171 views

CVE-2018-19541

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3,...

8.8CVSS7.2AI score0.01249EPSS

CVE•added 2018/11/26 3:29 a.m.•158 views

CVE-2018-19540

8.8CVSS7.4AI score0.00782EPSS

CVE•added 2018/10/23 2:29 a.m.•148 views

CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

6.5CVSS6.6AI score0.02358EPSS

CVE•added 2018/10/09 10:29 p.m.•142 views

CVE-2018-17962

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

7.5CVSS8.5AI score0.00304EPSS

CVE•added 2018/11/26 3:29 a.m.•140 views

CVE-2018-19543

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

7.8CVSS7.4AI score0.00365EPSS

CVE•added 2018/10/23 2:29 a.m.•135 views

CVE-2018-18585

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

4.3CVSS5.3AI score0.00473EPSS

CVE•added 2018/09/05 5:29 p.m.•41 views

CVE-2016-1000030

Pidgin version

9.8CVSS9.4AI score0.00778EPSS