Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_enterprise_software_development_kit
(Suse)Repositories |
• https://github.com/torvalds/linux
• https://github.com/krb5/krb5 • https://github.com/git/git • https://github.com/php/php-src • https://github.com/ClusterLabs/pacemaker |
#Vulnerabilities | 294 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-02-17 | CVE-2014-1947 | Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | Imagemagick, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
2016-04-19 | CVE-2014-9761 | Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function. | Ubuntu_linux, Fedora, Glibc, Opensuse, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 9.8 | ||
2015-07-02 | CVE-2015-0192 | Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine. | Java, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
2017-03-24 | CVE-2016-7797 | Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. | Pacemaker, Leap, Leap, Enterprise_linux_high_availability, Enterprise_linux_resilient_storage, Linux_enterprise_high_availability, Linux_enterprise_software_development_kit | 7.5 | ||
2017-06-08 | CVE-2016-4473 | /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833. | Php, Linux_enterprise_module_for_web_scripting, Linux_enterprise_software_development_kit | 9.8 | ||
2016-04-13 | CVE-2016-3069 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. | Debian_linux, Fedora, Mercurial, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_debuginfo, Linux_enterprise_software_development_kit | 8.8 | ||
2016-04-13 | CVE-2016-3068 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. | Debian_linux, Fedora, Mercurial, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_debuginfo, Linux_enterprise_software_development_kit | 8.8 | ||
2017-02-03 | CVE-2016-2318 | GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. | Debian_linux, Graphicsmagick, Leap, Opensuse, Linux_enterprise_debuginfo, Linux_enterprise_software_development_kit, Studio_onsite | 5.5 | ||
2017-02-03 | CVE-2016-2317 | Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. | Debian_linux, Graphicsmagick, Leap, Opensuse, Linux_enterprise_debuginfo, Linux_enterprise_software_development_kit, Studio_onsite | 5.5 | ||
2016-09-20 | CVE-2015-8934 | The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file. | Ubuntu_linux, Libarchive, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | 5.5 |