Linux Enterprise Security Vulnerabilities and Issues — Linux Enterprise CVE List

Lucene search

SuseLinux Enterprise

9 matches found

CVE•added 2016/04/30 5:59 p.m.•106 views

CVE-2016-2807

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vect...

10CVSS9.3AI score0.01315EPSS

CVE•added 2016/04/30 5:59 p.m.•81 views

CVE-2016-2806

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS9.2AI score0.01315EPSS

CVE•added 2016/04/18 10:59 a.m.•77 views

CVE-2016-1651

fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read...

8.1CVSS8.2AI score0.01385EPSS

CVE•added 2016/04/18 10:59 a.m.•71 views

CVE-2016-1653

The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related t...

9.3CVSS9.3AI score0.01518EPSS

CVE•added 2016/04/18 10:59 a.m.•69 views

CVE-2016-1654

The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors.

6.5CVSS7.1AI score0.0249EPSS

CVE•added 2016/04/18 10:59 a.m.•68 views

CVE-2016-1659

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

10CVSS9.2AI score0.02365EPSS

CVE•added 2016/04/18 10:59 a.m.•66 views

CVE-2016-1655

Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.

8.8CVSS9.2AI score0.03027EPSS

CVE•added 2016/04/18 10:59 a.m.•65 views

CVE-2016-1652

Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS...

6.1CVSS6.2AI score0.00513EPSS

CVE•added 2016/04/18 10:59 a.m.•64 views

CVE-2016-1656

The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.

7.5CVSS7.8AI score0.00404EPSS