Linux Enterprise Workstation Extension Security Vulnerabilities and Issues — Linux Enterprise Workstation Extension CVE List

Lucene search

SuseLinux Enterprise Workstation Extension

46 matches found

CVE•added 2016/05/05 6:59 p.m.•1044 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

5.8CVSS6.3AI score0.88973EPSS

CVE•added 2016/05/05 6:59 p.m.•1040 views

CVE-2016-3718

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

5.5CVSS6.7AI score0.87335EPSS

CVE•added 2016/05/11 1:59 a.m.•1004 views

CVE-2016-4117

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.

10CVSS9.8AI score0.92777EPSS

CVE•added 2016/06/16 2:59 p.m.•885 views

CVE-2016-4171

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.

10CVSS9.6AI score0.26006EPSS

CVE•added 2016/06/10 3:59 p.m.•147 views

CVE-2016-5118

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

10CVSS9.5AI score0.35422EPSS

CVE•added 2016/06/27 10:59 a.m.•135 views

CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

7.5CVSS6.9AI score0.01662EPSS

CVE•added 2016/04/27 5:59 p.m.•126 views

CVE-2016-2782

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) in...

4.9CVSS6.1AI score0.00473EPSS

CVE•added 2016/04/21 10:59 a.m.•116 views

CVE-2016-0642

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

4.7CVSS4.2AI score0.00463EPSS

CVE•added 2016/04/13 3:59 p.m.•108 views

CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-th...

6CVSS5.6AI score0.00073EPSS

CVE•added 2016/04/21 10:59 a.m.•101 views

CVE-2016-0651

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

5.5CVSS4.6AI score0.0031EPSS

CVE•added 2016/06/16 2:59 p.m.•89 views

CVE-2016-4138

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

10CVSS9.1AI score0.3681EPSS

CVE•added 2016/06/16 2:59 p.m.•88 views

CVE-2016-4137

9.3CVSS8.9AI score0.4017EPSS

CVE•added 2016/06/16 2:59 p.m.•84 views

CVE-2016-4149