Product:

Enterprise_linux_server

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/kyz/libmspack
https://github.com/LibRaw/LibRaw
https://github.com/rubygems/rubygems
https://github.com/madler/zlib
https://github.com/the-tcpdump-group/tcpdump
https://github.com/fedora-selinux/setroubleshoot
https://github.com/mdadams/jasper
https://github.com/ntp-project/ntp
https://github.com/neomutt/neomutt
https://github.com/mm2/Little-CMS
https://github.com/openbsd/src
https://github.com/abrt/abrt
https://github.com/mysql/mysql-server
https://github.com/golang/go
• git://git.openssl.org/openssl.git
https://github.com/dajobe/raptor
https://github.com/Katello/katello
https://github.com/opencontainers/runc
https://github.com/openstack/swift
https://github.com/qos-ch/slf4j
https://github.com/uclouvain/openjpeg
https://github.com/SELinuxProject/selinux
https://github.com/ClusterLabs/pacemaker
https://github.com/FreeRDP/FreeRDP
https://github.com/Perl/perl5
https://github.com/jpirko/libndp
https://github.com/candlepin/subscription-manager
https://github.com/dogtagpki/pki
https://github.com/szukw000/openjpeg
https://github.com/rpm-software-management/yum-utils
https://github.com/sosreport/sos-collector
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/paramiko/paramiko
https://github.com/ImageMagick/ImageMagick
https://github.com/git/git
https://github.com/karelzak/util-linux
https://github.com/GNOME/evince
https://git.savannah.gnu.org/git/patch.git
https://github.com/UNINETT/mod_auth_mellon
https://github.com/flori/json
https://github.com/flatpak/flatpak
https://github.com/libguestfs/hivex
https://github.com/vadz/libtiff
https://github.com/jquery/jquery-ui
#Vulnerabilities 1891
Date Id Summary Products Score Patch Annotated
2016-06-05 CVE-2016-1677 uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion." Ubuntu_linux, Debian_linux, Chrome, V8, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 6.5
2016-06-05 CVE-2016-1678 objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. Ubuntu_linux, Debian_linux, Chrome, V8, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 8.8
2016-06-05 CVE-2016-1679 The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 8.8
2016-06-05 CVE-2016-1680 Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors. Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 8.8
2016-06-05 CVE-2016-1681 Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 8.8
2016-06-05 CVE-2016-1682 The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration. Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 6.1
2016-06-05 CVE-2016-1683 numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise, Libxslt 7.5
2016-06-05 CVE-2016-1685 core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 6.5
2016-06-05 CVE-2016-1686 The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 6.5
2016-06-05 CVE-2016-1687 The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions. Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 6.5