Linux Enterprise Software Development Kit Security Vulnerabilities and Issues — Linux Enterprise Software Development Kit CVE List

Lucene search

SuseLinux Enterprise Software Development Kit

10 matches found

CVE•added 2011/08/29 3:55 p.m.•4287 views

CVE-2011-3192

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different ...

7.8CVSS6.3AI score0.92835EPSS

CVE•added 2011/12/25 1:55 a.m.•357 views

CVE-2011-4862

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as ...

10CVSS7.3AI score0.92585EPSS

CVE•added 2011/12/15 3:57 a.m.•175 views

CVE-2011-4516

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 fi...

6.8CVSS5.4AI score0.47823EPSS

CVE•added 2011/12/15 3:57 a.m.•152 views

CVE-2011-4517

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a cra...

6.8CVSS5AI score0.4213EPSS

CVE•added 2011/01/03 8:0 p.m.•118 views

CVE-2010-3876

net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.

1.9CVSS5.6AI score0.00058EPSS

CVE•added 2011/01/07 12:0 p.m.•99 views

CVE-2010-4160

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption ...

6.9CVSS7.5AI score0.00162EPSS

CVE•added 2011/01/03 8:0 p.m.•99 views

CVE-2010-4164

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_...

7.8CVSS7AI score0.03368EPSS

CVE•added 2011/01/03 8:0 p.m.•88 views

CVE-2010-4162

Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.

4.7CVSS6.6AI score0.00082EPSS

CVE•added 2011/11/11 6:55 p.m.•68 views

CVE-2011-3439

FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.

9.3CVSS7.4AI score0.06539EPSS

CVE•added 2011/07/11 8:55 p.m.•65 views

CVE-2011-1526

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FT...

6.5CVSS4.6AI score0.00228EPSS