| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2016-1583 |
3 Linux, Canonical, Novell |
9 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 6 more |
2018-12-06 |
7.2 |
| The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc... |
| CVE-2016-9106 |
2 Novell, Qemu |
2 Leap, Qemu |
2018-12-01 |
2.1 |
| Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. |
| CVE-2015-7547 |
11 Sophos, Oracle, Canonical and 8 more |
31 Big-ip Policy Enforcement Manager, Linux Enterprise Debuginfo, Helion Openstack and 28 more |
2018-11-30 |
6.8 |
| Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute... |
| CVE-2016-0718 |
8 Libexpat, Apple, Canonical and 5 more |
14 Linux Enterprise Software Development Kit, Ubuntu Linux, Leap and 11 more |
2018-11-16 |
7.5 |
| Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. |
| CVE-2016-7141 |
3 Haxx, Novell, Opensuse |
3 Leap, Libcurl, Leap |
2018-11-13 |
5.0 |
| curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from... |
| CVE-2016-5421 |
4 Debian, Haxx, Novell and 1 more |
4 Debian Linux, Leap, Libcurl and 1 more |
2018-11-13 |
7.5 |
| Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors. |
| CVE-2016-5420 |
4 Debian, Haxx, Novell and 1 more |
4 Debian Linux, Leap, Libcurl and 1 more |
2018-11-13 |
5.0 |
| curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a... |
| CVE-2016-5419 |
4 Debian, Haxx, Novell and 1 more |
4 Debian Linux, Leap, Libcurl and 1 more |
2018-11-13 |
5.0 |
| curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session. |
| CVE-2008-4480 |
1 Novell |
1 Edirectory |
2018-11-02 |
10.0 |
| Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation... |
| CVE-2008-4479 |
1 Novell |
1 Edirectory |
2018-11-02 |
10.0 |
| Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header. |
| CVE-2008-0924 |
1 Novell |
1 Edirectory |
2018-11-01 |
6.8 |
| Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU... |
| CVE-2008-0927 |
2 Novell, Microsoft |
2 Edirectory, Windows-nt |
2018-10-31 |
5.0 |
| dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated... |
| CVE-2016-4913 |
4 Linux, Oracle, Novell and 1 more |
6 Ubuntu Linux, Suse Linux Enterprise Software Development Kit, Linux Kernel and 3 more |
2018-10-31 |
7.2 |
| The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly... |
| CVE-2016-2335 |
4 Debian, Novell, 7-zip and 1 more |
5 Debian Linux, 7zip, Opensuse and 2 more |
2018-10-30 |
6.8 |
| The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long... |
| CVE-2015-7976 |
4 Suse, Ntp, Novell and 1 more |
12 Leap, Linux Enterprise Desktop, Manager and 9 more |
2018-10-30 |
4.0 |
| The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. |
| CVE-2015-5300 |
9 Fedoraproject, Redhat, Canonical and 6 more |
22 Fedora, Enterprise Linux Hpc Node Eus, Enterprise Linux Server and 19 more |
2018-10-30 |
5.0 |
| The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g... |
| CVE-2014-2977 |
4 Suse, Directfb, Novell and 1 more |
8 Linux Enterprise Software Development Kit, Directfb, Linux Enterprise Desktop and 5 more |
2018-10-30 |
10.0 |
| Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo... |
| CVE-2015-8778 |
7 Canonical, Suse, Debian and 4 more |
11 Linux Enterprise Software Development Kit, Ubuntu Linux, Linux Enterprise Desktop and 8 more |
2018-10-30 |
7.5 |
| Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which... |
| CVE-2014-2978 |
4 Suse, Directfb, Novell and 1 more |
8 Linux Enterprise Software Development Kit, Directfb, Linux Enterprise Desktop and 5 more |
2018-10-30 |
10.0 |
| The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an... |
| CVE-2014-9761 |
6 Gnu, Suse, Fedoraproject and 3 more |
10 Linux Enterprise Software Development Kit, Ubuntu Linux, Linux Enterprise Desktop and 7 more |
2018-10-30 |
7.5 |
| Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan,... |
